Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.1 views

CVE-2025-71110

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.2 views

CVE-2025-71139

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

5.5CVSS5.8AI score0.00102EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.5 views

CVE-2025-71124

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check Move the call to preemptpreparepostamble after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in preemptpreparepostamble...

5.5CVSS5.7AI score0.00137EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.2 views

CVE-2025-71135

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix possible null-pointer dereferences in raid5storegroupthreadcnt The variable mddev-private is first assigned to conf and then checked: conf = mddev-private; if !conf ... If conf is NULL, then mddev-private is also...

5.5CVSS5.9AI score0.0015EPSS
Exploits0References23
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71133

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...

7.1CVSS5.9AI score0.00153EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71141

In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drmkmshelperpollfini and drmatomichelpershutdown helpers should only be called when the device has been successfully registered. Currently, these functions are called...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.2 views

CVE-2025-71115

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71138

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add missing NULL pointer check for pingpong interface It is checked almost always in dpuencoderphyswbsetupctl, but in a single place the check is missing. Also use convenient locals instead of physenc- where availabl...

5.5CVSS5.9AI score0.00116EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.5 views

CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

5.8AI score0.00171EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.6 views

CVE-2025-71116

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71118

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71127

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 "The Address 1 field of the Beacon .. frame shall be set to the...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References32
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.1 views

CVE-2025-71142

In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remotepartitiondisable+0xf7/0x110 RIP: 0010:remotepartitiondisable+0xf7/0x110 RSP:...

5.5CVSS5.8AI score0.00102EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.4 views

CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.3 views

CVE-2025-71107

In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fsputsuper finishes Xfstests generic/335, generic/336 sometimes crash with the following message: F2FS-fs dm-0: detect filesystem reference count leak during umount, type: 9, count: ...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.3 views

CVE-2025-71105

In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.3 views

CVE-2025-71104

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.3 views

CVE-2025-56226

Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...

5.3CVSS5.9AI score0.00312EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.4 views

CVE-2025-71103

In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpcreglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpcreglist if still deferenced in a7xxpatchpwrupreglist which causes a kernel crash: Unable to handle kernel NU...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.4 views

CVE-2025-71106

In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystemsfreezecallback The freezeallptr check in filesystemsfreezecallback introduced by commit a3f8f8662771 "power: always freeze efivarfs" is reverse which quite confusingly causes all file syste...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.5 views

CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2026/01/14 3:15 p.m.2 views

CVE-2025-71109

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 "MIPS: Tracing: Reduce the overhead of dynamic Function Tracer", the macro UASMiLAmostly has been used, and this macro can...

5.5CVSS5.9AI score0.00171EPSS
Exploits0References23
UbuntuCve
UbuntuCve
added 2026/01/14 12:16 p.m.3 views

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

5.1CVSS6AI score0.00203EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/13 11:16 p.m.2 views

CVE-2026-0716

A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash...

4.8CVSS5.8AI score0.00257EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/13 11:16 p.m.13 views

CVE-2023-54335

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...

9.8CVSS5.9AI score0.04962EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/01/13 7:16 p.m.5 views

CVE-2026-22791

openCryptoki is a PKCS11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKMECDHAESKEYWRAP implementation allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key...

6.6CVSS6.1AI score0.00237EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/01/13 6:16 p.m.5 views

CVE-2026-21265

Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes...

6.4CVSS6.1AI score0.00965EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-71099

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix potential UAF in xeoaaddconfigioctl In xeoaaddconfigioctl, we accessed oaconfig-id after dropping metricslock. Since this lock protects the lifetime of oaconfig, an attacker could guess the id and call...

7.8CVSS5.7AI score0.00115EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.3 views

CVE-2025-68806

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

5.8AI score0.00168EPSS
Exploits0References26
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-71079

In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfcunregisterdevice and rfkillfopwrite A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to lock ordering inversion between devicelock and rfkillglobalmutex. The problematic lo...

5.5CVSS5.6AI score0.00089EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.3 views

CVE-2025-71092

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix OOB write in bnxtrecopyerrstats Commit ef56081d1864 "RDMA/bnxtre: RoCE related hardware counters update" added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR acts as a boundary mark...

7.8CVSS5.7AI score0.00112EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.4 views

CVE-2025-71091

In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.8 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

5.8AI score0.00166EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.1 views

CVE-2025-68821

In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 "fuse: allocate ff-releaseargs only if release is needed" skips allocating ff-releaseargs if the server does not implement open. However in doing so, fusepreparerelease now...

5.8AI score0.00173EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.2 views

CVE-2025-68811

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

5.9AI score0.00166EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.2 views

CVE-2025-68808

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtvchannelsiinit creates a temporary list program, service, event and ownership of the memory itself is transferred to the PAT/SDT/EIT tables through...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-68807

In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved out of queue freezing in elevatorchange, it can cause the wbt inflight counter to become negative -1, leading to hung tasks in the writebac...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.2 views

CVE-2025-71074

In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...

4.7CVSS5.7AI score0.00094EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-68812

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00027EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.6 views

CVE-2025-68805

In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.3 views

CVE-2025-68810

In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...

5.9AI score0.00166EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-68798

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...

5.9AI score0.00168EPSS
Exploits0References26
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.3 views

CVE-2025-71075

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.4 views

CVE-2025-71077

In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2getpcrallocation does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only limited harm...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.8 views

CVE-2025-68813

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

6AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-71093

In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...

7.1CVSS6AI score0.00117EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.3 views

CVE-2025-71088

In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflowdataready+0x40b/0x7c0 net/mptcp/subflow.c:15...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References23
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.3 views

CVE-2025-71084

In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancelworksync will prevent the work from running which also prevents destroying the...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.4 views

CVE-2025-71072

In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures mapletree insertions can fail if we are seriously short on memory; simpleoffsetrename does not recover well if it runs into that. The same goes for simpleoffsetrenameexchange. Moreover,...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References24
Total number of security vulnerabilities68528