Lucene search
K

1534 matches found

NVD
NVD
added 2025/07/04 2:15 p.m.6 views

CVE-2025-38188

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...

5.5CVSS0.00145EPSS
Exploits0References3
NVD
NVD
added 2025/07/04 2:15 p.m.5 views

CVE-2025-38182

In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

7.8CVSS0.00156EPSS
Exploits0References4
OSV
OSV
added 2025/07/04 2:15 p.m.4 views

AZL-64731 CVE-2025-38182 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

7.8CVSS5.6AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2025/07/04 2:15 p.m.3 views

UBUNTU-CVE-2025-38182

In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

7.8CVSS6.2AI score0.00156EPSS
Exploits0References29
Cvelist
Cvelist
added 2025/07/04 1:13 p.m.13 views

CVE-2025-46733 REE userspace code can panic TAs, leading to fTPM PCR reset and data disclosure

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...

7.9CVSS0.0014EPSS
Exploits0References2
NVD
NVD
added 2025/07/03 9:15 a.m.4 views

CVE-2025-38151

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

5.5CVSS0.00147EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/07/03 8:35 a.m.11 views

CVE-2025-38151 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

0.00147EPSS
Exploits0References5
CVE
CVE
added 2025/07/03 8:35 a.m.80 views

CVE-2025-38151

Technical details about CVE-2025-38151 are not publicly provided in the supplied documents; no explicit information on affected kernel versions, root cause, impact, or patch is included. Monitor for updates.

5.5CVSS7AI score0.00147EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/07/03 8:35 a.m.4 views

CVE-2025-38151 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

5.5CVSS6.3AI score0.00147EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2025/06/30 6:29 p.m.9 views

USN-7606-1: Linux kernel (OEM) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

8.8CVSS7.4AI score0.23278EPSS
Exploits0
NVD
NVD
added 2025/06/30 8:15 a.m.5 views

CVE-2025-38090

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...

5.5CVSS0.0015EPSS
Exploits0References10
OSV
OSV
added 2025/06/30 8:15 a.m.9 views

UBUNTU-CVE-2025-38090

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...

5.5CVSS6.1AI score0.0015EPSS
Exploits0References42
Cvelist
Cvelist
added 2025/06/30 7:29 a.m.7 views

CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...

0.0015EPSS
Exploits0References8
OSV
OSV
added 2025/06/30 7:29 a.m.3 views

CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...

5.5CVSS6.5AI score0.0015EPSS
Exploits0References13
CVE
CVE
added 2025/06/30 7:29 a.m.84 views

CVE-2025-38090

CVE-2025-38090 concerns the Linux kernel: a heap overwrite could occur in drivers/rapidio/rio_cm.c due to incomplete validation in riocm_ch_send() when handling rio_ch_hdr data during RIO_CM_CHAN_SEND. The issue arises because cm_chan_msg_send() allocates space and checks userspace data size, but...

5.5CVSS6.5AI score0.0015EPSS
Exploits0References10Affected Software1
SUSE CVE
SUSE CVE
added 2025/06/19 3:38 a.m.6 views

SUSE CVE-2022-50228

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...

5.5CVSS6.3AI score0.00219EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2025/06/19 3:14 a.m.1 views

SUSE CVE-2025-38074

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...

5.5CVSS7.8AI score0.00161EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2025/06/19 12:0 a.m.3 views

PT-2025-27957

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, where a vulnerability has been resolved related to the ublk component. This involves sanitizing arguments from userspace when adding a device and...

7.8CVSS6.6AI score0.00156EPSS
Exploits0
OSV
OSV
added 2025/06/18 11:4 a.m.9 views

CVE-2022-50228 KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...

5.5CVSS5.9AI score0.00219EPSS
Exploits0References12
OSV
OSV
added 2025/06/18 11:3 a.m.5 views

CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

5.5CVSS6AI score0.00194EPSS
Exploits0References12
Rows per page
Query Builder