Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39842

In the Linux kernel, the following vulnerability has been resolved: ocfs2: prevent release journal inode after journal shutdown Before calling ocfs2deleteosb, ocfs2journalshutdown has already been executed in ocfs2dismountvolume, so osb-journal must be NULL. Therefore, the following calltrace wil...

5.5CVSS5.9AI score0.00156EPSS
Exploits0References17
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39844

In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39843

In the Linux kernel, the following vulnerability has been resolved: mm: slub: avoid wake up kswapd in settrackprepare settrackprepare can incur lock recursion. The issue is that it is called from hrtimerstartrangens holding the percpuhrtimerbasesn.lock, but when enabled CONFIGDEBUGOBJECTSTIMERS,...

5.5CVSS5.9AI score0.00107EPSS
Exploits0References17
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39845

In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCHPAGETABLESYNCMASK and archsynckernelmappings Define ARCHPAGETABLESYNCMASK and archsynckernelmappings to ensure page tables are properly synchronized when calling pdpopulatekernel. For 5-level paging,...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39839

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadvncskbdecodepacket trusts codedlen and checks only against skb-len. XOR starts at sizeofstruct batadvunicastpacket, reducing payload headroom, and the source skb length...

7.1CVSS6.2AI score0.00164EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•7 views

CVE-2025-39865

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

5.5CVSS5.8AI score0.00149EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39857

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix one NULL pointer dereference in smcibissgneedsync BUG: kernel NULL pointer dereference, address: 00000000000002ec PGD 0 P4D 0 Oops: Oops: 0000 1 SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainte...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References17
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•3 views

CVE-2025-39840

In the Linux kernel, the following vulnerability has been resolved: audit: fix out-of-bounds read in auditcomparednamepath When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...

7.1CVSS6.6AI score0.0014EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

7.8CVSS6.6AI score0.00141EPSS
Exploits0References15
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39862

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix list corruption after hardware restart Since stations are recreated from scratch, all lists that wcids are added to must be cleared before calling ieee80211restarthw. Set wcid-sta = 0 for each wcid entry i...

7.8CVSS6.6AI score0.00133EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39852

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 When tcpaocopyallmatching fails in tcpv6synrecvsock it just exits the function. This ends up causing a memory-leak: unreferenced object 0xffff0000281a8200 size...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References15
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39860

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2capsockcleanuplisten syzbot reported the splat below without a repro. In the splat, a single thread calling btacceptdequeue freed sk and touched it after that. The root cause would be the racy...

7.8CVSS6.1AI score0.00152EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39863

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...

7.8CVSS6.8AI score0.00148EPSS
Exploits0References16
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•3 views

CVE-2025-39856

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix null pointer dereference for ndev In the TX completion packet stage of TI SoCs with CPSW2G instance, which has single external ethernet port, ndev is accessed without being initialized if no...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•4 views

CVE-2025-39841

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the...

7.8CVSS6.4AI score0.00167EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39848

In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•3 views

CVE-2025-39837

In the Linux kernel, the following vulnerability has been resolved: platform/x86: asus-wmi: Fix racy registrations asuswmiregisterdriver may be called from multiple drivers concurrently, which can lead to the racy list operations, eventually corrupting the memory and hitting Oops on some ASUS...

7.8CVSS6.5AI score0.00143EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39864

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmpbss Following bssfree quirk introduced in commit 776b3580178f "cfg80211: track hidden SSID networks properly", adjust cfg80211updateknownbss to free the last beacon frame elements only if...

7.8CVSS6.3AI score0.00152EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39849

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is more than IEEE80211MAXSSIDLEN 32 it would lead to memory corruption so add some bounds checking...

7.8CVSS6.3AI score0.00144EPSS
Exploits0References17
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•1 views

CVE-2025-39853

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced. Fi...

7.1CVSS6.1AI score0.00152EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39866

In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use-after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...

7.8CVSS6.4AI score0.00286EPSS
Exploits1References27
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•3 views

CVE-2025-39858

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fix ISERR vs NULL check bug in mlx4encreaterxring Replace NULL check with ISERR check after calling pagepoolcreate since this function returns error pointers ERRPTR. Using NULL check could lead to invalid pointer...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•2 views

CVE-2025-39851

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object VXLAN FDB entries can point to either a remote destination or an FDB nexthop group. The latter is usually used in EVPN deployments where learning is disabled...

5.5CVSS6AI score0.00145EPSS
Exploits0References15
UbuntuCve
UbuntuCve
•added 2025/09/19 4:15 p.m.•3 views

CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

7.8CVSS6.6AI score0.00142EPSS
Exploits0References16
UbuntuCve
UbuntuCve
•added 2025/09/19 12:0 a.m.•1 views

CVE-2025-9906

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .keras model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

8.6CVSS7.2AI score0.00186EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/19 12:0 a.m.•1 views

CVE-2025-9905

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

7.3CVSS7.3AI score0.00205EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/09/18 11:15 p.m.•5 views

CVE-2025-59692

PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...

3.7CVSS6.7AI score0.00193EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/18 11:15 p.m.•9 views

CVE-2025-59691

PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In th...

3.7CVSS6.6AI score0.00203EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/18 7:15 p.m.•4 views

CVE-2025-47906

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

6.5CVSS6.8AI score0.00489EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53420

In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfslistxattr Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: slab-out-of-bounds in ntfslistxattr+0x401/0x5...

7.1CVSS6.6AI score0.00149EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53440

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading to null pointer dereferences, use-after-free, and lockdep warnings...

5.5CVSS5.9AI score0.00132EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2022-50406

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

7.8CVSS5.9AI score0.00152EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53435

In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of casinitone cassaturnfirmwareinit allocates some memory using vmalloc. This memory is freed in the .remove function but not it the error handling path of the probe. Add the...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2022-50416

In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450aicofinit If ofiomap failed, 'aic' should be freed before return. Otherwise there is a memory leak...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53426

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix xskdiag use-after-free error during socket cleanup Fix a use-after-free error that is possible if the xskdiag interface is used after the socket has been unbound from the device. This can happen either due to the socket...

7.8CVSS6.7AI score0.00141EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53439

In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...

5.5CVSS5.9AI score0.00134EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53419

In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53422

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fw: fix memory leak in debugfs Fix a memory leak that occurs when reading the fwinfo file all the way, since we return NULL indicating no more data, but don't free the status tracking object...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2022-50409

In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer dereference: ... 14.471200 Call Trace: 14.471562 14.471882 lockacquire+0x245/0x2e0 14.472416 ? removewaitqueue+0x12/0x50 14.473014 ?...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2022-50418

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: mhi: fix potential memory leak in ath11kmhiregister mhialloccontroller allocates a memory space for mhictrl. When gets some error, mhictrl should be freed with mhifreecontroller. But when ath11kmhireadaddrfromdt...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2022-50419

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times deviceadd shall not be called multiple times as stated in its documentation: 'Do not call this routine or deviceregister more than once for any device structure...

7.8CVSS6.2AI score0.00156EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53436

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53431

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53427

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery work not initialized and list not cleared. Then will be warning and UAF when release the MR: WARNING: CPU: 4 PID: 824 at...

7.8CVSS6.2AI score0.0014EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53445

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtrrecvmsg Syzbot reported a bug as following: refcountt: addition on 0; use-after-free. ... RIP: 0010:refcountwarnsaturate+0x17c/0x1f0 lib/refcount.c:25 ... Call Trace: refcountadd...

5.5CVSS5.9AI score0.00131EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53437

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53438

In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC is delivered for poison consumption errors. Therefore,...

5.5CVSS6AI score0.00136EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2022-50407

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...

5.5CVSS6AI score0.0016EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•1 views

CVE-2022-50404

In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcondosetfont failed syzbot is reporting memory leak at fbcondosetfont 1, for commit a5a923038d70 "fbdev: fbcon: Properly revert changes when vcresize failed" missed that the buffer might be new...

5.5CVSS6AI score0.0015EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/18 4:15 p.m.•2 views

CVE-2023-53429

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in extentwritepage extentwritepage currenly sets PageError whenever any error happens, and the also checks for PageError to decide if to call error handling. This leads to very unclear responsibility...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References4
Total number of security vulnerabilities68528