238 matches found
CVE-2025-37947
CVE-2025-37947 affects ksmbd (Linux kernel SMBv3 server). Root cause: ksmbd_vfs_stream_write() could perform an out-of-bounds write when *pos >= v_len due to missing bounds check; patch adds a check to ensure *pos
CVE-2025-37947
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating pos ksmbdvfsstreamwrite did not validate whether the write offset pos was within the bounds of the existing stream data length vlen. If pos was greater than or equal to vle...
CVE-2025-37942
CVE-2025-37942 is described in connected advisories as a Linux kernel issue within the HID: pidff path. The root cause reported is “Make sure to fetch pool before checking SIMULTANEOUS_MAX,” indicating a logic/fence-check or data handling problem in pool management related to HID: pidff. Affected...
CVE-2025-37936
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the MSRIA32PEBSENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBSENABLE value...
CVE-2025-37923
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in traceseqtobuffer syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in traceseqtobuffer kernel/trace/trace.c:1830 inline BUG: KASA...
CVE-2025-37919
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix NULL pointer deref in acpi2ssettdmslot Update chip data using devgetdrvdatadev-parent to fix NULL pointer deref in acpi2ssettdmslot...
CVE-2025-37920
In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...
CVE-2025-37916
In the Linux kernel, the following vulnerability has been resolved: pdscore: remove write-after-free of clientid A use-after-free error popped up in stress testing: Mon Apr 21 21:21:33 2025 BUG: KFENCE: use-after-free write in pdscauxbusdevdel+0xef/0x160 pdscore Mon Apr 21 21:21:33 2025...
CVE-2025-37911
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix out-of-bound memcpy during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in bnxtgetcoredump+0x3ef/0x670 bnxten Corrupted memory at...
CVE-2025-37909
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor preven...
CVE-2025-37908 mm, slab: clean up slab->obj_exts always
In the Linux kernel, the following vulnerability has been resolved: mm, slab: clean up slab-objexts always When memory allocation profiling is disabled at runtime or due to an error, shutdownmemprofiling is called: slab-objexts which previously allocated remains. It won't be cleared by...
CVE-2025-37898
In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix module loading without patchable function entries getstubssize assumes that there must always be at least one patchable function entry, which is not always the case modules that export data but no code,...
CVE-2025-37894
In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...
CVE-2025-37871
In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sccount directly if fail to queue dlrecall A deadlock warning occurred when invoking nfs4putstid following a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist nfs4anylockblockers breakleas...
CVE-2025-37876
In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIGPROCFS When testing a special config: CONFIGNETFSSUPPORTS=y CONFIGPROCFS=n The system crashes with something like: 3.766197 ------------ cut here ------------ 3.766484 kernel BUG at...
CVE-2025-37841
In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference...
CVE-2025-37831
In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. applesoccpufreqgetrate does not check for this case, which results in a...
CVE-2025-37828 scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...
CVE-2025-37822
In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL execute out-of-line buffer is used to single-step the replaced instructions for uprobes. The RISC-V port was missing a proper fence.i i$ flushing after...
CVE-2025-37821
In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...