Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39790

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between it and...

7.8CVSS6.8AI score0.00143EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39776

In the Linux kernel, the following vulnerability has been resolved: mm/debugvmpgtable: clear page table entries at destroyargs The mm/debugvmpagetable test allocates manually page table entries for the tests it runs, using also its manually allocated mmstruct. That in itself is ok, but when it...

7.8CVSS6.6AI score0.00144EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39738

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not allow relocation of partially dropped subvolumes BUG There is an internal report that balance triggered transaction abort, with the following call trace: item 85 key 594509824 169 0 itemoff 12599 itemsize 33 extent...

7.8CVSS6.6AI score0.00156EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•3 views

CVE-2025-39782

In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...

5.5CVSS5.9AI score0.00117EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•0 views

CVE-2025-39761

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling Currently, TID is not decremented before peer cleanup, during error handling path of ath12kdprxpeerfragsetup. This could lead to out-of-bounds access in peer-rxtid...

7.1CVSS6.4AI score0.00149EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39736

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid deadlock by moving prwarn outside kmemleaklock When netpoll is enabled, calling prwarnonce while holding kmemleaklock in mempoolalloc can cause a deadlock due to lock inversion with the netconsole subsystem. Th...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39780

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Fix invalid task state transitions on class switch When enabling a schedext scheduler, we may trigger invalid task state transitions, resulting in warnings like the following which can be easily reproduced by running t...

5.5CVSS5.9AI score0.00134EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•3 views

CVE-2025-39781

In the Linux kernel, the following vulnerability has been resolved: parisc: Drop WARNONONCE from flushcachevmap I have observed warning to occassionally trigger...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39752

In the Linux kernel, the following vulnerability has been resolved: ARM: rockchip: fix kernel hang during smp initialization In order to bring up secondary CPUs main CPU write trampoline code to SRAM. The trampoline code is written while secondary CPUs are powered on at least that true for RK3188...

5.5CVSS5.8AI score0.00159EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39750

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Correct tid cleanup when tid setup fails Currently, if any error occurs during ath12kdprxpeertidsetup, the tid value is already incremented, even though the corresponding TID is not actually allocated. Proceed to...

7.1CVSS6.5AI score0.00149EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39756

In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...

5.5CVSS5.9AI score0.00166EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39773

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...

5.5CVSS5.9AI score0.0011EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39746

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: shutdown driver when hardware is unreliable In rare cases, ath10k may lose connection with the PCIe bus due to some unknown reasons, which could further lead to system crashes during resuming due to watchdog timeout...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39745

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix rcutortureoneextendcheck splat in RT kernels For built with CONFIGPREEMPTRT=y kernels, running rcutorture tests resulted in the following splat: 68.797425 rcutortureoneextendcheck during change: Current 0x1 To add...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•10 views

CVE-2025-39744

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

7.1CVSS6.5AI score0.00149EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39742

In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask The function divides number of online CPUs by numcoresiblings, and later checks the divider by zero. This implies a possibility to get and divide-by-zero runtime error...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39748

In the Linux kernel, the following vulnerability has been resolved: bpf: Forget ranges when refining tnum after JSET Syzbot reported a kernel warning due to a range invariant violation on the following BPF program. 0: call bpfgetnetnscookie 1: if r0 == 0 goto 2: if r0 & Oxffffffff goto The issue ...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39770

In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...

5.5CVSS5.9AI score0.00144EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39764

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...

5.5CVSS5.7AI score0.00147EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39763

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected error, the CPU will take a synchronous error...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39787

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

5.5CVSS6AI score0.00148EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39784

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix link speed calculation on retrain failure When pciefailedlinkretrain fails to retrain, it tries to revert to the previous link speed. However it calculates that speed from the Link Control 2 register without masking out...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•0 views

CVE-2025-39791

In the Linux kernel, the following vulnerability has been resolved: dm: dm-crypt: Do not partially accept write BIOs with zoned targets Read and write operations issued to a dm-crypt target may be split according to the dm-crypt internal limits defined by the maxreadsize and maxwritesize module...

5.5CVSS6.1AI score0.00113EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•4 views

CVE-2025-39789

In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•3 views

CVE-2025-39759

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix race between quota disable and quota rescan ioctl There's a race between a task disabling quotas and another running the rescan ioctl that can result in a use-after-free of qgroup records from the...

7CVSS6.6AI score0.00108EPSS
Exploits0References24
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39757

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...

7.1CVSS6.4AI score0.00164EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•3 views

CVE-2025-39760

In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usbparsessendpointcompanion checks descriptor type before length, enabling a potentially odd read outside of the buffer size. Fix this up by checking the size...

7.1CVSS6.7AI score0.00164EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•4 views

CVE-2025-39751

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39743

In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...

7.8CVSS6.6AI score0.00167EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•3 views

CVE-2025-39783

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this field is a list head, not a list entry. This listdel call triggers a KASA...

7.8CVSS6.3AI score0.00152EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39788

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCIUTRLNEXUSTYPE On Google gs101, the number of UTP transfer request slots nutrs is 32, and in this case the driver ends up programming the UTRLNEXUSTYPE incorrectly as 0. This is because the...

7.8CVSS6.6AI score0.00155EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39785

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irqrequest's irq name variable is local The local variable is passed in requestirq , and there will be use after free problem, which will make requestirq failed. Using the global irq name instead of it to...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•3 views

CVE-2025-39771

In the Linux kernel, the following vulnerability has been resolved: regulator: pca9450: Use devmregistersysoffhandler With module test, there is error dump: ------------ cut here ------------ notifier callback pca9450i2crestarthandler already registered WARNING: kernel/notifier.c:23 at...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39765

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39739

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39766

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS6.6AI score0.00168EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•1 views

CVE-2025-39737

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleakdocleanup A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...

5.5CVSS5.9AI score0.00159EPSS
Exploits0References36
UbuntuCve
UbuntuCve
•added 2025/09/11 5:15 p.m.•2 views

CVE-2025-39769

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix lockdep warning during rmmod The commit under the Fixes tag added a netdevassertlocked in bnxtfreentpfltrs. The lock should be held during normal run-time but the assert will be triggered see below during bnxtremoveon...

5.5CVSS5.9AI score0.00093EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 2:15 p.m.•3 views

CVE-2025-58142

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/11 2:15 p.m.•2 views

CVE-2025-58145

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

7.5CVSS5.8AI score0.0042EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/11 2:15 p.m.•4 views

CVE-2025-58144

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

7.5CVSS5.8AI score0.0042EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/11 2:15 p.m.•3 views

CVE-2025-27466

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/11 2:15 p.m.•4 views

CVE-2025-58143

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/11 1:0 p.m.•3 views

CVE-2025-58364

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

6.5CVSS7.1AI score0.01063EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/09/11 1:0 p.m.•5 views

CVE-2025-58060

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

8CVSS7.2AI score0.00964EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/09/11 12:0 a.m.•1 views

CVE-2025-48040

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

6.9CVSS5.9AI score0.00402EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 12:0 a.m.•2 views

CVE-2025-40300

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

5.5CVSS6.3AI score0.00331EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/09/11 12:0 a.m.•1 views

CVE-2025-48039

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.9AI score0.00359EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/11 12:0 a.m.•1 views

CVE-2025-48041

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

7.1CVSS5.9AI score0.00359EPSS
Exploits0References4
Total number of security vulnerabilities68528