Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/07/25 4:15 p.m.•2 views

CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

5.5CVSS6.2AI score0.00148EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 4:15 p.m.•3 views

CVE-2025-38466

In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAPSYSADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the requested offset, but d...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References40
UbuntuCve
UbuntuCve
•added 2025/07/25 4:15 p.m.•2 views

CVE-2025-38438

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 4:15 p.m.•4 views

CVE-2025-38454

In the Linux kernel, the following vulnerability has been resolved: ALSA: ad1816a: Fix potential NULL pointer deref in sndcardad1816apnp Use prwarn instead of devwarn when 'pdev' is NULL to avoid a potential NULL pointer dereference...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38423

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9375: Fix double free of regulator supplies Driver gets regulator supplies in probe path with devmregulatorbulkget, so should not call regulatorbulkfree in error and remove paths to avoid double free...

7.8CVSS6.6AI score0.00163EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•1 views

CVE-2025-38432

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize UDP checksum field before checksumming commit f1fce08e63fe "netpoll: Eliminate redundant assignment" removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38429

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Update read pointer only after buffer is written Inside mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written, potentially causing race conditions where the host sees an updated read...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•1 views

CVE-2025-38421

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev-buf was freed but never set to NULL and is again...

7.8CVSS6.6AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•1 views

CVE-2025-38436

In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drmschedentitykill removes all jobs belonging to that entity through drmschedentitykilljobswork. If application A's job depends on a...

5.5CVSS6.1AI score0.00126EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38434

In the Linux kernel, the following vulnerability has been resolved: Revert "riscv: Define TASKSIZEMAX for accessok" This reverts commit ad5643cf2f69 "riscv: Define TASKSIZEMAX for accessok". This commit changes TASKSIZEMAX to be LONGMAX to optimize accessok, because the previous TASKSIZEMAX defau...

5.5CVSS5.7AI score0.00157EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•0 views

CVE-2025-38433

In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38427

In the Linux kernel, the following vulnerability has been resolved: video: screeninfo: Relocate framebuffers behind PCI bridges Apply PCI host-bridge window offsets to screeninfo framebuffers. Fixes invalid access to I/O memory. Resources behind a PCI host bridge can be relocated by a certain...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38422

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices Maximum OTP and EEPROM size for hearthstone PCI1xxxx devices are 8 Kb and 64 Kb respectively. Adjust max size definitions and return correct EEPROM length based on...

7.8CVSS6.6AI score0.00164EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•3 views

CVE-2025-38425

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes...

7.8CVSS6.3AI score0.00164EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•4 views

CVE-2025-38430

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•2 views

CVE-2025-38435

In the Linux kernel, the following vulnerability has been resolved: riscv: vector: Fix context save/restore with xtheadvector Previously only v0-v7 were correctly saved/restored, and the context of v8-v31 are damanged. Correctly save/restore v8-v31 to avoid breaking userspace...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•5 views

CVE-2025-38426

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add basic validation for RAS header If RAS header read from EEPROM is corrupted, it could result in trying to allocate huge memory for reading the records. Add some validation to header fields...

5.5CVSS6.2AI score0.00157EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•2 views

CVE-2025-38431

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...

5.5CVSS5.9AI score0.00138EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•2 views

CVE-2025-38428

In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...

7.8CVSS6.3AI score0.00179EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 3:15 p.m.•4 views

CVE-2025-38424

In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs doexit Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access MMIO in bad ways. The crash further shows perf trying to do a user...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•2 views

CVE-2025-38405

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio-biintegrity. Since commit bf4c89fc8797 "block: don't call biouninit from...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38412

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•3 views

CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38408

In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise the pointers contain random content...

5.5CVSS5.9AI score0.00158EPSS
Exploits0References40
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38413

In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...

5.5CVSS6AI score0.00154EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•2 views

CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•2 views

CVE-2025-38411

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix double put of request If a netfs request finishes during the pause loop, it will have the ref that belongs to the INPROGRESS flag removed at that point - however, if it then goes to the final wait loop, that will also...

7.8CVSS6.6AI score0.00153EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38407

In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...

5.5CVSS5.7AI score0.00154EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•2 views

CVE-2025-38406

In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do with the driver's stack at this point etc., so the WARNON doesn't add any value. Additionally, this is one of the top syzbot...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•4 views

CVE-2025-38404

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of crostypecaltmodedata::mutex. The call chain is as follows: 1. crostypecaltmodework acquires the mutex 2. typecaltmodevd...

5.5CVSS6.2AI score0.00129EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38414

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix GCCGCCPCIEHOTRST definition for WCN7850 GCCGCCPCIEHOTRST is wrongly defined for WCN7850, causing kernel crash on some specific platforms. Since this register is divergent for WCN7850 and QCN9274, move it to...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38419

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rprochandleresources fails in rprocattach When rproc-state = RPROCDETACHED and rprocattach is used to attach to the remote processor, if rprochandleresources returns a failure, th...

5.5CVSS6.4AI score0.00156EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•3 views

CVE-2025-38403

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields to avoid any uninitialised data being left in the structure...

7.8CVSS6.3AI score0.0018EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•3 views

CVE-2025-38417

In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF if present...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•3 views

CVE-2025-38418

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc-cleantable after rprocattach fails When rproc-state = RPROCDETACHED is attached to remote processor through rprocattach, if rprochandleresources returns failure, then the clean table should be...

5.5CVSS6.4AI score0.00156EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•6 views

CVE-2025-38416

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in success path Setting tty-discdata before opening the NCI device means we need to clean it up on error paths. This also opens some short window if device starts sending data, even before...

7.8CVSS6.4AI score0.00183EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 2:15 p.m.•1 views

CVE-2025-38415

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sbminblocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfsbioread" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, issues an ioctl"/dev/loop0...

7.8CVSS6.4AI score0.00181EPSS
Exploits0References42
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•10 views

CVE-2025-38384

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: fix memory leak of ECC engine conf Memory allocated for the ECC engine conf is not released during spinand cleanup. Below kmemleak trace is seen for this memory leak: unreferenced object 0xffffff80064f00e0 size 8:...

5.5CVSS6.3AI score0.00157EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38390

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...

5.5CVSS6AI score0.00154EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38383

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix data race in shownumainfo The following data-race was found in shownumainfo: ================================================================== BUG: KCSAN: data-race in vmallocinfoshow / vmallocinfoshow read to...

4.7CVSS5.7AI score0.00111EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38381

In the Linux kernel, the following vulnerability has been resolved: Input: cs40l50-vibra - fix potential NULL dereference in cs40l50uploadowt The cs40l50uploadowt function allocates memory via kmalloc without checking for allocation failure, which could lead to a NULL pointer dereference. Return...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38369

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...

7.8CVSS6.3AI score0.00154EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•7 views

CVE-2025-38399

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in corescsi3decodespeciport The function corescsi3decodespeciport, in its error code path, unconditionally calls corescsi3lunaclundependitem passing the destsedeve pointer, which may be...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References40
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•1 views

CVE-2025-38389

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix timeline left held on VMA alloc error The following error has been reported sporadically by CI when a test unbinds the i915 driver on a ring submission platform: 239.330153 ------------ cut here ------------...

7.8CVSS6.3AI score0.00179EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It fixes the following...

5.5CVSS6.2AI score0.00117EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38379

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...

5.5CVSS5.9AI score0.00148EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38400

In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. syzbot reported a warning below 1 following a fault injection in nfsfsprocnetinit. 0 When nfsfsprocnetinit fails, /proc/net/rpc/nfs is not removed. Later, rpcprocexit...

5.5CVSS6.3AI score0.00183EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38377

In the Linux kernel, the following vulnerability has been resolved: rose: fix dangling neighbour pointers in rosertdevicedown There are two bugs in rosertdevicedown that can cause use-after-free: 1. The loop bound t-count is modified within the loop, which can cause the loop to terminate early an...

7.8CVSS6.3AI score0.00164EPSS
Exploits0References41
Total number of security vulnerabilities68528