Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

5.9AI score0.00178EPSS
Exploits0References24
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68261

In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...

6AI score0.0018EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68263

In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...

9.8CVSS5.8AI score0.00378EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68262

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

5.7AI score0.00169EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68252

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix dmabuf object leak in fastrpcmaplookup In fastrpcmaplookup, dmabufget is called to obtain a reference to the dmabuf for comparison purposes. However, this reference is never released when the function returns,...

5.7AI score0.00171EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68281

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...

5.7AI score0.00158EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•0 views

CVE-2025-68242

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•6 views

CVE-2025-68248

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

5.7AI score0.00158EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•4 views

CVE-2025-68239

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

5.7AI score0.00164EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68247

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Plug potential memory leak in dotimercreate When posix timer creation is set to allocate a given timer ID and the access to the user space value faults, the function terminates without freeing the already allocated...

5.7AI score0.00145EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68246

In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...

5.8AI score0.00156EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68251

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters in...

5.7AI score0.00169EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68258

In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...

5.7AI score0.0018EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•5 views

CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

5.7AI score0.00176EPSS
Exploits0References38
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68245

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18 "netpoll: fix use after free" incorrectly ignored the refcount and prematurely set dev-npinfo to NULL during netpoll cleanup, leading to...

5.9AI score0.00168EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68259

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...

5.9AI score0.00161EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68264

In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...

5.9AI score0.0018EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68241

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmission path calls: sittunnelxmit - updateorcreatefnhe, which lead to fnheremoveoldest being called to delete entries exceeding...

5.9AI score0.00165EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•4 views

CVE-2025-68266

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

5.7AI score0.00161EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•4 views

CVE-2025-68260

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix race condition on deathlist Rust Binder contains the following unsafe operation: // SAFETY: A NodeDeath is never inserted into the death list // of any node other than its owner, so it is either in this // death...

5.7AI score0.00185EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68256

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtwgetie parser The Information Element IE parser rtwgetie trusted the length byte of each IE without validating that the IE body len bytes after the 2-byte header fits inside the...

5.9AI score0.00176EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•2 views

CVE-2025-68255

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

6.1AI score0.00198EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 3:15 p.m.•3 views

CVE-2025-68254

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...

6AI score0.00176EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-40362

In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...

5.7AI score0.00199EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-40360

In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in drmgemresetshadowplane can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plane-state to NULL. v2: - fix...

5.9AI score0.00173EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•2 views

CVE-2025-68213

In the Linux kernel, the following vulnerability has been resolved: idpf: fix possible vportconfig NULL pointer deref in remove Attempting to remove the driver will cause a crash in cases where the vport failed to initialize. Following trace is from an instance where the driver failed during an...

5.9AI score0.00173EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-68188

In the Linux kernel, the following vulnerability has been resolved: tcp: use dstdevrcu in tcpfastopenactivedisableofocheck Use RCU to avoid a pair of atomic operations and a potential UAF on dstdev-flags...

5.7AI score0.00166EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•2 views

CVE-2025-68187

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by devicenodetoregmap The call to devicenodetoregmap in airohamdioprobe can return an ERRPTR if regmap initialization fails. Currently, the driver stores the pointer without validation,...

5.8AI score0.00155EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•2 views

CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

5.7AI score0.00173EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•4 views

CVE-2025-40347

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix the deadlock of enetcmdiolock After applying the workaround for err050089, the LS1028A platform experiences RCU stalls on RT kernel. This issue is caused by the recursive acquisition of the read lock enetcmdiolock...

5.7AI score0.00168EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•5 views

CVE-2025-40351

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in hfsplusdeletecat: 70.682285 T9333 ===================================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...

5.7AI score0.00177EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-68211

In the Linux kernel, the following vulnerability has been resolved: ksm: use range-walk function to jump over holes in scangetnextrmapitem Currently, scangetnextrmapitem walks every page address in a VMA to locate mergeable pages. This becomes highly inefficient when scanning large virtual memory...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-40346

In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proceed with NULL clock pointers. The current logic uses !PTRERRORZEROcpuc...

5.8AI score0.00173EPSS
Exploits0References38
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-68171

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported 1 the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfdvalidatestate+0x65/0x70 Call Trace: fpuclearuserstates+0x9c/0x100...

5.7AI score0.00168EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•10 views

CVE-2025-68218

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix lockdep WARN due to partition scan work Blktests test cases nvme/014, 057 and 058 fail occasionally due to a lockdep WARN. As reported in the Closes tag URL, the WARN indicates that a deadlock can happen due t...

5.9AI score0.00168EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•2 views

CVE-2025-68224

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.9AI score0.00032EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•1 views

CVE-2025-40356

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix DMA-API usage Use DMA-API dmamapsingle call for getting the DMA address of the transfer buffer instead of hacking with virttophys. This fixes the following DMA-API debug warning: ------------ cut here...

5.8AI score0.00155EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•2 views

CVE-2025-68225

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: check if KHO is enabled We must check whether KHO is enabled prior to issuing KHO commands, otherwise KHO internal data structures are not initialized...

5.7AI score0.00162EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•0 views

CVE-2025-68221

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix address removal logic in mptcppmnlrmaddr Fix inverted WARNONONCE condition that prevented normal address removal counter updates. The current code only executes decrement logic when the counter is already 0 abnormal...

5.8AI score0.00173EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-40359

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ================================================================== BUG:...

5.8AI score0.00166EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

5.7AI score0.00173EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-68182

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix potential use after free in iwlmldremovelink This code frees "link" by calling kfreerculink, rcuhead and then it dereferences "link" to get the "link-fwid". Save the "link-fwid" first to avoid a potential use...

5.8AI score0.00155EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•5 views

CVE-2025-68189

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...

5.7AI score0.00155EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•4 views

CVE-2025-68228

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix createinformatblob return value createinformatblob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•2 views

CVE-2025-68212

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmountstring In statmountstring, most flags assign an output offset pointer offp which is later updated with the string offset. However, the STATMOUNTMNTUIDMAP and STATMOUNTMNTGIDMAP cases...

5.7AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•4 views

CVE-2025-68205

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/hdmi: Fix breakage at probing nvhdmi-mcp driver After restructuring and splitting the HDMI codec driver code, each HDMI codec driver contains the own buildcontrols and buildpcms ops. A copy-n-paste error put the wrong...

5.7AI score0.00155EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•3 views

CVE-2025-68232

In the Linux kernel, the following vulnerability has been resolved: veth: more robust handing of race to avoid txq getting stuck Commit dc82a33297fc "veth: apply qdisc backpressure on full ptrring to reduce TX drops" introduced a race condition that can lead to a permanently stalled TXQ. This was...

5.7AI score0.00155EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•5 views

CVE-2025-68190

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...

5.8AI score0.00166EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•4 views

CVE-2025-68223

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...

5.5CVSS5.9AI score0.00099EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/16 2:15 p.m.•4 views

CVE-2025-68226

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...

5.7AI score0.0015EPSS
Exploits0References3
Total number of security vulnerabilities68528