Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68800

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

5.9AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-71101

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-68815

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr class from the active list if it changes to strict Whenever a user issues an ets qdisc change command, transforming a drr class into a strict one, the ets code isn't checking whether that class was in t...

5.9AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-71098

In the Linux kernel, the following vulnerability has been resolved: ip6gre: make ip6greheader robust Over the years, syzbot found many ways to crash the kernel in ip6greheader 1. This involves team or bonding drivers ability to dynamically change their dev-neededheadroom and/or dev-hardheaderlen ...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-68794

In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomapadjustreadrange assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case...

5.9AI score0.00168EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-71097

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fibtableflush is called to flush all the routes that are using the dead nexthop. The...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68822

In the Linux kernel, the following vulnerability has been resolved: Input: alps - fix use-after-free bugs caused by dev3registerwork The dev3registerwork delayed work item is initialized within alpsreconnect and scheduled upon receipt of the first bare PS/2 packet from an external PS/2 device...

5.9AI score0.00166EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•6 views

CVE-2025-71094

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-71071

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use-after-free in case...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References26
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-71080

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6getpcpuroute under PREEMPTRT On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute and successful...

5.5CVSS6AI score0.00119EPSS
Exploits0References13
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71069

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

5.8AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•8 views

CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-68819

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...

5.9AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-71083

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the contents of all BOs for...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68790

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix double unregister of HCAPORTS component Clear hcadevcomcomp in device's private data after unregistering it in LAG teardown. Otherwise a slightly lagging second pass through mlx5unloadone might try to unregister it...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•9 views

CVE-2025-68793

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix a job-pasid access race in gpu recovery Avoid a possible UAF in GPU recovery due to a race between the sched timeout callback and the tdr work queue. The gpu recovery function calls drmschedstop and later...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-68801

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour 1. The problem seems to be that the driver stores a pointer to the neighbour, but without holding a reference ...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68802

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations The exec and vmbind ioctl allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs can force an excessively large allocation,...

5.7AI score0.00166EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68797

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68791

In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•1 views

CVE-2025-68799

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71070

In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...

5.8AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•6 views

CVE-2025-71086

In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71088

In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflowdataready+0x40b/0x7c0 net/mptcp/subflow.c:15...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-71095

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDPTX action There is a crash issue when running zero copy XDPTX action, the crash log is shown below. 216.122464 Unable to handle kernel paging request at virtual address...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References26
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

5.7AI score0.00168EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71073

In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd - disable pending work before freeing device lkkbdinterrupt schedules lk-tq via schedulework, and the work handler lkkbdreinit dereferences the lkkbd structure and its serio/inputdev fields. lkkbddisconnect and error...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-71068

In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-71100

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfilldesc TID getting from ieee80211gettid might be out of range of array size of staentry-tids, so check TID is less than MAXTIDCOUNT. Othwerwise, UBSAN warn: UBSAN:...

7.8CVSS5.9AI score0.00119EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68817

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...

7.8CVSS6.6AI score0.00159EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•6 views

CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71090

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsdfile reference leak in nfsd4addrdaccesstowrdeleg nfsd4addrdaccesstowrdeleg unconditionally overwrites fp-fifdsORDONLY with a newly acquired nfsdfile. However, if the client already has a SHAREACCESSREAD open from a...

5.5CVSS5.8AI score0.001EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71065

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

5.7AI score0.00168EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-71081

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

5.5CVSS5.7AI score0.00111EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-68814

In the Linux kernel, the following vulnerability has been resolved: iouring: fix filename leak in ioopenatprep ioopenatprep allocates a struct filename using getname. However, for the condition of the file being installed in the fixed file table as well as having OCLOEXEC flag set, the function...

5.8AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-71067

In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a dummy blocksize before attempting to read the bootblock. The issue can...

5.7AI score0.00168EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-71087

In the Linux kernel, the following vulnerability has been resolved: iavf: fix off-by-one issues in iavfconfigrssreg There are off-by-one bugs when configuring RSS hash key and lookup table, causing out-of-bounds reads to memory 1 and out-of-bounds writes to device registers. Before commit...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•8 views

CVE-2025-68803

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

5.9AI score0.00173EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•3 views

CVE-2025-68823

In the Linux kernel, the following vulnerability has been resolved: ublk: fix deadlock when reading partition table When one processsuch as udev opens ublk block device e.g., to read the partition table via bdevopen, a deadlock1 can occur: 1. bdevopen grabs disk-openmutex 2. The process issues re...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References16
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-68796

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating zero-sized extent in extent cache As syzbot reported: F2FS-fs loop0: updateextenttreerange: extent len is zero, type: 0, extent 0, 0, 0, age 0, 0 ------------ cut here ------------ kernel BUG at...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-68816

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

6AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-68795

In the Linux kernel, the following vulnerability has been resolved: ethtool: Avoid overflowing userspace buffer on stats query The ethtool -S command operates across three ioctl calls: ETHTOOLGSSETINFO for the size, ETHTOOLGSTRINGS for the names, and ETHTOOLGSTATS for the values. If the number of...

6.2AI score0.00191EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•8 views

CVE-2025-71085

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71064

In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the numtqps in the vf driver to apply for resources Currently, hdev-htqp is allocated using hdev-numtqps, and kinfo-tqp is allocated using kinfo-numtqps. However, kinfo-numtqps is set to minnewtqps, hdev-numtqps;...

5.7AI score0.00173EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•4 views

CVE-2025-71092

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix OOB write in bnxtrecopyerrstats Commit ef56081d1864 "RDMA/bnxtre: RoCE related hardware counters update" added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR acts as a boundary mark...

7.8CVSS5.7AI score0.00112EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•9 views

CVE-2025-71089

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

7.8CVSS6AI score0.00145EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•5 views

CVE-2025-71091

In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2026/01/13 4:16 p.m.•6 views

CVE-2025-71093

In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...

7.1CVSS6AI score0.00117EPSS
Exploits0References36
Total number of security vulnerabilities68528