Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/16 6:16 p.m.•2 views

CVE-2023-53900

Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering...

8.8CVSS5.9AI score0.00265EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/16 6:16 p.m.•3 views

CVE-2025-68142

PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. Versions prior to 10.16.1 have a ReDOS bug found within the figure caption extension pymdownx.blocks.caption. In systems that take unchecked user content, this could cause long hanges when processing the data if a...

6.9CVSS5.8AI score0.00356EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/16 5:16 p.m.•6 views

CVE-2025-59935

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.21, an unauthenticated user can store an XSS payload through the inventory endpoint. Users should upgrade to 10.0.21 to receive a patch...

6.5CVSS5.9AI score0.00241EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•6 views

CVE-2025-68287

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking dwc3removerequests, leading to premature...

6AI score0.00194EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•5 views

CVE-2025-68289

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: feem: Fix memory leak in eemunwrap The existing code did not handle the failure case of usbepqueue in the command path, potentially leading to memory leaks. Improve error handling to free all allocated resources on...

5.9AI score0.00173EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68314

In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...

5.7AI score0.00145EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68297

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...

5.9AI score0.00176EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68298

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Avoid btusbmtkclaimisointf NULL deref In btusbmtksetup, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM That function can return NULL in some cases. Even when it returns NULL, though...

5.9AI score0.00155EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

5.7AI score0.00158EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68305

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

5.9AI score0.00156EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68303

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punitipc: fix memory corruption This passes the address of the pointer "&punitipcdev" when the intent was to pass the pointer itself "punitipcdev" without the ampersand. This means that the:...

5.7AI score0.00161EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68312

In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...

5.9AI score0.00165EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68309

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

5.7AI score0.00145EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68284

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...

5.9AI score0.00173EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68318

In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLKISCRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set all AXI clock gates to...

5.7AI score0.00158EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•6 views

CVE-2025-68283

In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUGON with bounds check for map-maxosd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map-maxosd. idryomov: drop BUGON in cephgetprimaryaffinity, minor cosmet...

5.9AI score0.00168EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68321

In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...

5.9AI score0.00176EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68310

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery: Acquire just devicelock instead of pcidevlock as...

5.8AI score0.0016EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68313

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly signaling success...

5.7AI score0.00155EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68286

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...

5.9AI score0.00173EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68317

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

5.7AI score0.00169EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68311

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

5.7AI score0.00155EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68294

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

5.8AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68282

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: udc: fix use-after-free in usbgadgetstatework A race condition during gadget teardown can lead to a use-after-free in usbgadgetstatework, as reported by KASAN: BUG: KASAN: invalid-access in sysfsnotify+0x2c/0xd0...

5.9AI score0.00173EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68299

In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...

5.7AI score0.00176EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68304

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: lookup hciconn on RX path on protocol side The hdev lock/lookup/unlock/use pattern in the packet RX path doesn't ensure hciconn is not concurrently modified/deleted. This locking appears to be leftover from...

5.8AI score0.00145EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68307

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

5.9AI score0.00161EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68322

In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: unwindonce+0x1c/0x5c...

5.7AI score0.00169EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•5 views

CVE-2025-68288

In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project LTP. The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...

6.5AI score0.00173EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68285

In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in havemonandosdmap The wait loop in cephopensession can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both cephmonchandlemap and handleonem...

5.9AI score0.00173EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68295

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

5.8AI score0.00173EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68291

In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a similar issue for the bare TCP and fixed in commit 499350a5a6e7 "tcp:...

5.7AI score0.00175EPSS
Exploits0References17
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68290

In the Linux kernel, the following vulnerability has been resolved: most: usb: fix double free on late probe failure The MOST subsystem has a non-standard registration function which frees the interface on registration failures and on deregistration. This unsurprisingly leads to bugs in the MOST...

5.7AI score0.00173EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•5 views

CVE-2025-68302

In the Linux kernel, the following vulnerability has been resolved: net: sxgbe: fix potential NULL dereference in sxgberx Currently, when skb is null, the driver prints an error and then dereferences skb on the next line. To fix this, let's add a 'break' after the error message to switch to...

5.8AI score0.00161EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•7 views

CVE-2025-68308

In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...

5.8AI score0.00161EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68315

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fsallocnid to detect any potential corruption in freenidlist...

5.7AI score0.00171EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68296

In the Linux kernel, the following vulnerability has been resolved: drm, fbcon, vgaswitcheroo: Avoid race condition in fbcon setup Protect vgaswitcherooclientfbset with console lock. Avoids OOB access in fbconremapall. Without holding the console lock the call races with switching outputs. VGA...

5.9AI score0.00171EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68306

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface When performing reset tests and encountering abnormal card drop issues that lead to a kernel crash, it is necessary to perform a null check before...

5.9AI score0.00162EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68319

In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire sumutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cgchildren list and concurrent add/remove of userdata items through configfs. The updateuserdata...

5.7AI score0.00148EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•8 views

CVE-2025-68301

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds write in...

6.3AI score0.00161EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68292

In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...

5.7AI score0.00176EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•4 views

CVE-2025-68293

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix NULL pointer deference when splitting folio Commit c010d47f107f "mm: thp: split huge page to any lower order pages" introduced an early check on the folio's order via mapping-flags before proceeding with the...

5.8AI score0.00173EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•3 views

CVE-2025-68320

In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invalid context at kernel/locking/mutex.c:575 inatomic: 1, irqsdisabled: 0,...

5.7AI score0.00171EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68300

In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...

5.9AI score0.00155EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68257

In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...

5.7AI score0.0018EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•4 views

CVE-2025-68253

In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in addstackrecord when gfp flags don't allow syzbot was able to find the following path: addstackrecordtolist mm/pageowner.c:182 inline incstackrecordcount mm/pageowner.c:214 inline setpageowner+0x2c3/0x4a0...

5.7AI score0.00158EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•4 views

CVE-2025-68240

In the Linux kernel, the following vulnerability has been resolved: nilfs2: avoid having an active sctimer before freeing sci Because kthreadstop did not stop sctask properly and returned -EINTR, the sctimer was not properly closed, ultimately causing the problem 1 reported by syzbot when freeing...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68243

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...

5.7AI score0.00096EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•8 views

CVE-2025-68244

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

5.9AI score0.00161EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

5.7AI score0.00158EPSS
Exploits0References9
Total number of security vulnerabilities68528