Lucene search
K

246 matches found

Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.6 views

CVE-2025-38221

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds maxend is not permitted and will result in a negative length in the truncateinodepartialfolio function while truncating the page cache,...

7.1CVSS6.1AI score0.00138EPSS
Exploits0
OSV
OSV
added 2025/07/04 1:37 p.m.3 views

CVE-2025-38214 fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, later it may lead to a null-ptr dereference in fbvideomodetovar, as the fbinfo is registere...

5.5CVSS6.2AI score0.00153EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.3 views

CVE-2025-38213

Removed by vendor...

7.3AI score
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.4 views

CVE-2025-38212

In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, 0 0: https://lore.kernel.org/all/[email protected]/ idrforeach is protected by rwsem, but thi...

7.8CVSS5.8AI score0.00153EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.8 views

CVE-2025-38208

In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automountfullpath page is checked for null in buildpathfromdentryoptionalprefix when tcon-originfullpath is not set. However, the check is missing when it is set. Add a check to prevent a potential...

5.5CVSS5.3AI score0.00146EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.4 views

CVE-2025-38209

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...

7.8CVSS6.1AI score0.00144EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.4 views

CVE-2025-38207

In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte be overwritten when expanding vma". This patch of 4: We encountered a BUG alert triggered by Syzkaller as follows: BUG: Bad rss-counter state...

5.5CVSS5.2AI score0.00131EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.3 views

CVE-2025-38206

In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayedfree The double free could happen in the following path. exfatcreateupcasetable exfatcreateupcasetable : return error exfatfreeupcasetable : free -volutbl exfatloaddefaultupcasetable : return erro...

7.8CVSS5.7AI score0.00156EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.3 views

CVE-2025-38197

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dellrbu: Fix list usage Pass the correct list head to listforeachentry when looping through the packet list. Without this patch, reading the packet data via sysfs will show the data incorrectly because it starts at...

5.5CVSS5.5AI score0.00156EPSS
Exploits0
OSV
OSV
added 2025/07/04 1:37 p.m.6 views

CVE-2025-38193 net_sched: sch_sfq: reject invalid perturb period

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...

5.5CVSS6.2AI score0.00161EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.4 views

CVE-2025-38190

In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to sk-skwmemalloc by atmaccounttx. It is expected to be reverted by atmpopraw later called by vcc-dev-ops-sendvcc, skb. However, vccsendms...

5.5CVSS5.3AI score0.00164EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.6 views

CVE-2025-38187

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in r535gsprpcpush The RPC container is released after being passed to r535gsprpcsend. When sending the initial fragment of a large RPC and passing the caller's RPC container, the container will b...

7.8CVSS5.7AI score0.00145EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.5 views

CVE-2025-38185

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendmsg copies data passed from userspace to skb and passes it to vcc-dev-ops-send. atmtcpcsend accesses skb-data as struct atmtcphdr afte...

5.5CVSS5.3AI score0.00161EPSS
Exploits0
NVD
NVD
added 2025/07/03 9:15 a.m.5 views

CVE-2025-38143

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wledconfigure devmkasprintf returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

5.5CVSS0.00166EPSS
Exploits0References9
OSV
OSV
added 2025/07/03 8:36 a.m.5 views

CVE-2025-38172 erofs: avoid using multiple devices with different type

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. erofsinitdevice has already guaranteed that if the primary is a file-backed device, extra devic...

7.8CVSS6AI score0.00143EPSS
Exploits0References6
CVE
CVE
added 2025/07/03 8:35 a.m.84 views

CVE-2025-38123

CVE-2025-38123 affects the Linux kernel in Azure Linux 3.0 environments, where the t7xx NAPI RX polling path could use an invalid netdev after dellink-triggered disconnects, causing a NULL pointer dereference and kernel panic during skb processing. The issue arises when the driver processes napi_...

5.5CVSS7AI score0.00155EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/07/03 7:44 a.m.4 views

CVE-2025-38095

In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating numfences smpstoremb inserts memory barrier after storing operation. It is different with what the comment is originally aiming so Null pointer dereference can be happened if memory...

5.5CVSS5.5AI score0.00167EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/03 7:44 a.m.4 views

CVE-2025-38094

In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macbhalttx. There is a situation where after THALT is set high, TGO stays high as well. Because jiffies are never updated, as we are in a context with interrupts disabled, we never...

5.5CVSS5.5AI score0.00126EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/06/30 7:29 a.m.6 views

CVE-2025-38089

In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVCGARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC reply fails in such a w...

5.5CVSS5.5AI score0.00271EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/06/20 4:9 p.m.2 views

CVE-2025-38029

In the Linux kernel, the following vulnerability has been resolved: kasan: avoid sleepable page allocation from atomic context applytopterange enters the lazy MMU mode and then invokes kasanpopulatevmallocpte callback on each page table walk iteration. However, the callback can go into sleep when...

7CVSS6.9AI score0.0014EPSS
Exploits0References4
Rows per page
Query Builder