Lucene search
K

238 matches found

Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38310

In the Linux kernel, the following vulnerability has been resolved: seg6: Fix validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified length. This can lead to the kernel reading uninitialized memory if user space...

5.5CVSS5.5AI score0.00137EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.5 views

CVE-2025-38308

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avsdaifindpathtemplate shall be verified before being used. As 'template' is already known when avshwconstraintsinit is fired, drop the search entirel...

5.5CVSS5.4AI score0.0012EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.3 views

CVE-2025-38305

In the Linux kernel, the following vulnerability has been resolved: ptp: remove ptp-nvclocks check logic in ptpvclockinuse There is no disagreement that we should check both ptp-isvirtualclock and ptp-nvclocks to check if the ptp virtual clock is in use. However, when we acquire ptp-nvclocksmux t...

5.5CVSS5.5AI score0.00145EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38304

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...

5.5CVSS5.4AI score0.00145EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.9 views

CVE-2025-38301

In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmpnvmem: unbreak driver after cleanup Commit 29be47fcd6a0 "nvmem: zynqmpnvmem: zynqmpnvmemprobe cleanup" changed the driver to expect the device pointer to be passed as the "context", but in nvmem the context parameter...

5.5CVSS5.2AI score0.00143EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.5 views

CVE-2025-38295

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smpprocessorid with rawsmpprocessorid in mesonddrpmucreate The Amlogic DDR PMU driver mesonddrpmucreate function incorrectly uses smpprocessorid, which assumes disabled preemption. This leads to kernel...

7.8CVSS6.1AI score0.00153EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.5 views

CVE-2025-38293

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar-arvifs list In current WLAN recovery code flow, ath11kcorehalt only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an...

5.5CVSS6.1AI score0.00176EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38294

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when ath12kmacassignviftovdev fails, the radio handle ar gets accessed from the link VIF handle arvif for debug logging, This is incorrect. In the fail...

5.5CVSS5.3AI score0.00137EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.3 views

CVE-2025-38292

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12kdprxmsducoalesce, rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb-iscontinuation accessed again which is wrong...

7.1CVSS5.7AI score0.00153EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.3 views

CVE-2025-38290

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar-arvifs list In current WLAN recovery code flow, ath12kcorehalt only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an...

5.5CVSS6AI score0.0013EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.5 views

CVE-2025-38284

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: configure manual DAC mode via PCI config API only To support 36-bit DMA, configure chip proprietary bit via PCI config API or chip DBI interface. However, the PCI device mmap isn't set yet and the DBI is also...

5.5CVSS5.3AI score0.00137EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38282

In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle provides the break/unbreak mechanism but the active reference is not truly active after unbreak -- callers don't use it afterwards but it's important for...

5.5CVSS5.3AI score0.00156EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:41 a.m.4 views

CVE-2025-38279

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

7.8CVSS5.7AI score0.00162EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:41 a.m.5 views

CVE-2025-38271

In the Linux kernel, the following vulnerability has been resolved: net: prevent a NULL deref in rtnlcreatelink At the time rtnlcreatelink is running, dev-netdevops is NULL, we must not use netdevlockops or risk a NULL deref if CONFIGNETSHAPER is defined. Use netifsetgroup instead of devsetgroup...

5.5CVSS5.4AI score0.00137EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:41 a.m.3 views

CVE-2025-38270

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napicomplete from netpoll netdevsim supports netpoll. Make sure we don't call napicomplete from it, since it may not be scheduled. Breno reports hitting a warning in napicompletedone: WARNING: CPU: 14...

7.8CVSS6.1AI score0.00162EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:37 a.m.4 views

CVE-2025-38265

In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during jsmuartportinit No device was set which caused serialbasectrladd to crash. BUG: kernel NULL pointer dereference, address: 0000000000000050 Oops: Oops: 0000 1 PREEMPT SMP NOPTI CPU: 16 UID: 0 PID: 368...

5.5CVSS5.4AI score0.00155EPSS
Exploits0
NVD
NVD
added 2025/07/09 11:15 a.m.5 views

CVE-2025-38249

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 In sndusbgetaudioformatuac3, the length value returned from sndusbctlmsg is used directly for memory allocation without validation. This length is controlled by...

7.1CVSS0.00153EPSS
Exploits0References10
CVE
CVE
added 2025/07/04 1:37 p.m.83 views

CVE-2025-38229

CVE-2025-38229 – Linux kernel (cxusb/dvb-usb I2C path) – concrete details : The issue arises in the I2C transfer path for cxusb-based DVB devices. When a usb_bulk_msg() write succeeds but rlen > 0, the subsequent read may still occur; however, if the write fails and rlen is 1, the read path is...

5.5CVSS6.3AI score0.0015EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2025/07/04 1:37 p.m.6 views

CVE-2025-38221

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds maxend is not permitted and will result in a negative length in the truncateinodepartialfolio function while truncating the page cache,...

7.1CVSS6.1AI score0.00138EPSS
Exploits0
OSV
OSV
added 2025/07/04 1:37 p.m.4 views

CVE-2025-38214 fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, later it may lead to a null-ptr dereference in fbvideomodetovar, as the fbinfo is registere...

5.5CVSS6.2AI score0.00153EPSS
Exploits0References14
Rows per page
Query Builder