669 matches found
CVE-2025-38371 drm/v3d: Disable interrupts before resetting the GPU
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereference in an interrupt context as shown in the following trace:...
CVE-2025-38370 btrfs: fix failure to rebuild free space tree using multiple transactions
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix failure to rebuild free space tree using multiple transactions If we are rebuilding a free space tree, while modifying the free space tree we may need to allocate a new metadata block group. If we end up using multiple...
CVE-2025-38362
The CVE-2025-38362 issue is in the Linux kernel’s DRM AMD display path. The function get_first_active_display() could return NULL when the display list is empty, and mod_hdcp_hdcp1_enable_encryption() did not check this return value, risking a NULL pointer dereference in mod_hdcp_hdcp2_enable_enc...
ROS-20250721-01
The vulnerability of the iorwinitfile function of the iouring/rw.c module of the asynchronous I/O interface of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...
CVE-2025-38351 KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...
CVE-2025-38327
In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...
CVE-2025-38347 f2fs: fix to do sanity check on ino and xnid
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 0 "echo 0...
CVE-2025-38327 fgraph: Do not enable function_graph tracer when setting funcgraph-args
In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...
CVE-2025-38302
Technical details about CVE-2025-38302 are not publicly provided in the connected documents. The Linux kernel fix is described at a high level; no vendor/product/version mappings or exploit details are included here. Monitor for updates from vendors/security advisories.
CVE-2025-38282 kernfs: Relax constraint in draining guard
In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle provides the break/unbreak mechanism but the active reference is not truly active after unbreak -- callers don't use it afterwards but it's important for...
CVE-2025-38277 mtd: nand: ecc-mxic: Fix use of uninitialized variable ret
In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of uninitialized variable ret If ctx-steps is zero, the loop processing ECC steps is skipped, and the variable ret remains uninitialized. It is later checked and returned, which leads to undefined...
CVE-2025-27027
A user with vpuser credentials that opens an SSH connection to the device, gets a restricted shell rbash that allows only a small list of allowed commands. This vulnerability enables the user to get a full-featured Linux shell, bypassing the rbash restrictions...
CVE-2025-38209 nvme-tcp: remove tag set when second admin queue config fails
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...
CVE-2025-38196 io_uring/rsrc: validate buffer count with offset for cloning
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: validate buffer count with offset for cloning syzbot reports that it can trigger a WARNON for kmalloc attempt that's too big: WARNING: CPU: 0 PID: 6488 at mm/slub.c:5024 kvmallocnodenoprof+0x520/0x640 mm/slub.c:5024...
CVE-2025-38188
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...
CVE-2025-38185
CVE-2025-38185 (Linux kernel) : The vulnerability in the ATM subsystem (atm/atmtcp.c) arises from freeing an skb with an invalid length in atmtcp_c_send(). The code checks skb->len == 0 but does not fully guard against using skb->data as an atmtcp_hdr when len is non-zero, and when len == 0...
CVE-2025-38177 sch_hfsc: make hfsc_qlen_notify() idempotent
In the Linux kernel, the following vulnerability has been resolved: schhfsc: make hfscqlennotify idempotent hfscqlennotify is not idempotent either and not friendly to its callers, like fqcodeldequeue. Let's make it idempotent to ease qdisctreereducebacklog callers' life: 1. updatevf decreases...
Photon OS 4.0: Spdlog PHSA-2025-4.0-0826
An update of the spdlog package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0826. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2025-38170
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...
CVE-2025-38136
In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Reorder clock handling and power management in probe Reorder the initialization sequence in usbhsprobe to enable runtime PM before accessing registers, preventing potential crashes due to uninitialized clocks...