CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2025/08/18 5:12 a.m.•3 views

CVE-2025-38525

A flaw was found in the Linux kernel’s Remote Execution RPC RxRPC implementation, where the rxrpcassessMTUsize function is invoked with interrupts disabled during the handling of an incoming call. This function queries the IP layer for route MTU information, but the IP layer internally uses...

7CVSS6.3AI score0.00027EPSS

Exploits0References4

NVD•added 2025/08/16 12:15 p.m.•3 views

CVE-2025-38525

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...

5.5CVSS0.00027EPSS

Exploits0References2

OSV•added 2025/08/16 12:15 p.m.•0 views

UBUNTU-CVE-2025-38525

5.5CVSS5.7AI score0.00027EPSS

Exploits0References11

CVE•added 2025/08/16 11:12 a.m.•16 views

CVE-2025-38525

CVE-2025-38525 concerns the Linux kernel RXRPC path. The vulnerability arises when accepting an incoming RXRPC call: rxrpc_assess_MTU_size() traverses to the IP layer to determine MTU while interrupts are disabled, and the IP layer may call local_bh_enable(), which can trigger a warning if IRQs a...

5.5CVSS6.7AI score0.00027EPSS

Exploits0References2Affected Software1

OSV•added 2025/08/16 11:12 a.m.•4 views

CVE-2025-38525 rxrpc: Fix irq-disabled in local_bh_enable()

5.5CVSS6.6AI score0.00027EPSS

Exploits0References5

SUSE CVE•added 2024/12/03 12:31 a.m.•2 views

SUSE CVE-2024-36615

FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread...

6.5CVSS6.8AI score0.00094EPSS

Exploits0References4

NVD•added 2024/11/29 7:15 p.m.•20 views

CVE-2024-36615

5.9CVSS0.00094EPSS

Exploits0References3

OSV•added 2024/11/29 7:15 p.m.•1 views

DEBIAN-CVE-2024-36615

5.9CVSS6.1AI score0.00094EPSS

Exploits0References1

CVE•added 2024/11/29 12:0 a.m.•57 views

CVE-2024-36615

The CVE-2024-36615 entry concerns FFmpeg n7.0: a race condition in the VP9 decoder that can cause a data race if video encoding parameters are exported, with side data attached in the decoder thread while read in the output thread. Connected sources (Debian DLA-4440 and OpenSUSE/SUSE advisories) ...

5.9CVSS6.7AI score0.00094EPSS

Exploits0References3Affected Software1

OSV•added 2024/10/21 6:15 p.m.•0 views

UBUNTU-CVE-2024-49864

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpcopensocket, it sets up the socket and then sets up the I/O thread that will handle it. This is a problem, however, as there's a gap between the two phases in...

4.7CVSS6.1AI score0.00007EPSS

Exploits0References21

Positive Technologies•added 2022/11/12 12:0 a.m.•2 views

PT-2022-36767 · Git +1 · Fluent-Bit

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 8 crash type. The crash state involves functions such as output thread, step callback, and flb task...

6.9AI score

Exploits0References2

OSV•added 2022/05/27 4:23 a.m.•7 views

OPENSUSE-SU-2022:0148-1 Security update for varnish

This update for varnish fixes the following issues: varnish was updated to release 7.1.0 boo1195188 CVE-2022-23959 VCL: It is now possible to assign a BLOB value to a BODY variable, in addition to STRING as before. VMOD: New STRING strftimeTIME time, STRING format function for UTC formatting...

9.1CVSS7.9AI score0.00957EPSS

Exploits0References6