Lucene search
+L

238 matches found

CVE
CVE
added 2025/05/20 4:1 p.m.122 views

CVE-2025-37947

CVE-2025-37947 affects ksmbd (Linux kernel SMBv3 server). Root cause: ksmbd_vfs_stream_write() could perform an out-of-bounds write when *pos >= v_len due to missing bounds check; patch adds a check to ensure *pos

7.8CVSS6.5AI score0.00204EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2025/05/20 4:1 p.m.6 views

CVE-2025-37947

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating pos ksmbdvfsstreamwrite did not validate whether the write offset pos was within the bounds of the existing stream data length vlen. If pos was greater than or equal to vle...

7.8CVSS5.7AI score0.00204EPSS
Exploits1
CVE
CVE
added 2025/05/20 3:58 p.m.71 views

CVE-2025-37942

CVE-2025-37942 is described in connected advisories as a Linux kernel issue within the HID: pidff path. The root cause reported is “Make sure to fetch pool before checking SIMULTANEOUS_MAX,” indicating a logic/fence-check or data handling problem in pool management related to HID: pidff. Affected...

6.7AI score0.00012EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:22 p.m.7 views

CVE-2025-37936

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the MSRIA32PEBSENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBSENABLE value...

5.5CVSS5.6AI score0.0016EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.5 views

CVE-2025-37923

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in traceseqtobuffer syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in traceseqtobuffer kernel/trace/trace.c:1830 inline BUG: KASA...

7.8CVSS6AI score0.00183EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.4 views

CVE-2025-37919

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix NULL pointer deref in acpi2ssettdmslot Update chip data using devgetdrvdatadev-parent to fix NULL pointer deref in acpi2ssettdmslot...

5.5CVSS5.6AI score0.00157EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.7 views

CVE-2025-37920

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...

4.7CVSS5.3AI score0.00119EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.9 views

CVE-2025-37916

In the Linux kernel, the following vulnerability has been resolved: pdscore: remove write-after-free of clientid A use-after-free error popped up in stress testing: Mon Apr 21 21:21:33 2025 BUG: KFENCE: use-after-free write in pdscauxbusdevdel+0xef/0x160 pdscore Mon Apr 21 21:21:33 2025...

7.8CVSS6.2AI score0.00172EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.7 views

CVE-2025-37911

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix out-of-bound memcpy during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in bnxtgetcoredump+0x3ef/0x670 bnxten Corrupted memory at...

5.5CVSS6.3AI score0.0016EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.10 views

CVE-2025-37909

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the skb to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor preven...

5.5CVSS5.7AI score0.00168EPSS
Exploits0
OSV
OSV
added 2025/05/20 3:21 p.m.9 views

CVE-2025-37908 mm, slab: clean up slab->obj_exts always

In the Linux kernel, the following vulnerability has been resolved: mm, slab: clean up slab-objexts always When memory allocation profiling is disabled at runtime or due to an error, shutdownmemprofiling is called: slab-objexts which previously allocated remains. It won't be cleared by...

7.8CVSS6.5AI score0.00166EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.6 views

CVE-2025-37898

In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix module loading without patchable function entries getstubssize assumes that there must always be at least one patchable function entry, which is not always the case modules that export data but no code,...

5.5CVSS5.7AI score0.0014EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/20 3:21 p.m.6 views

CVE-2025-37894

In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...

5.5CVSS5.6AI score0.00157EPSS
Exploits0
NVD
NVD
added 2025/05/09 7:16 a.m.17 views

CVE-2025-37871

In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sccount directly if fail to queue dlrecall A deadlock warning occurred when invoking nfs4putstid following a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist nfs4anylockblockers breakleas...

5.5CVSS0.00247EPSS
Exploits0References9
NVD
NVD
added 2025/05/09 7:16 a.m.8 views

CVE-2025-37876

In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIGPROCFS When testing a special config: CONFIGNETFSSUPPORTS=y CONFIGPROCFS=n The system crashes with something like: 3.766197 ------------ cut here ------------ 3.766484 kernel BUG at...

5.5CVSS0.00226EPSS
Exploits0References3
NVD
NVD
added 2025/05/09 7:16 a.m.17 views

CVE-2025-37841

In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference...

5.5CVSS0.00243EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2025/05/08 6:26 a.m.6 views

CVE-2025-37831

In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. applesoccpufreqgetrate does not check for this case, which results in a...

5.5CVSS5.6AI score0.00154EPSS
Exploits0
OSV
OSV
added 2025/05/08 6:26 a.m.7 views

CVE-2025-37828 scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/05/08 6:26 a.m.5 views

CVE-2025-37822

In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL execute out-of-line buffer is used to single-step the replaced instructions for uprobes. The RISC-V port was missing a proper fence.i i$ flushing after...

7.8CVSS6.1AI score0.00211EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/08 6:26 a.m.6 views

CVE-2025-37821

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

5.5CVSS5.8AI score0.00152EPSS
Exploits0
Rows per page
Query Builder