Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38385

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

7.8CVSS6.3AI score0.00166EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38364

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix MASTATEPREALLOC flag in maspreallocate Temporarily clear the preallocation flag when explicitly requesting allocations. Pre-existing allocations are already counted against the request through masnodecountgfp, but...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING: CPU: 0 PID: 65 at...

4.7CVSS5.7AI score0.00096EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38391

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38378

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe In probe appletbkbdprobe a "struct appletbkbd kbd" is allocated via devmkzalloc to store touch bar keyboard related data. Later on if backlightdevicegetbyname finds...

7.8CVSS6.6AI score0.00144EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38373

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix potential deadlock in MR deregistration The issue arises when kzalloc is invoked while holding umemmutex or any other lock acquired under umemmutex. This is problematic because kzalloc can trigger fsreclaimaqcuire,...

5.5CVSS6AI score0.0011EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38382

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix iteration of extrefs during log replay At inodeaddref when processing extrefs, if we jump into the next label we have an undefined value of victimname.len, since we haven't initialized it before we did the goto. This...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38360

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees WHY For non-zero DSC instances it's possible that the HUBP domain required to drive it for sequential ONO ASICs isn't met, potentially causing the logic to the tile t...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - There is data transfer over USB Ethernet scp a b...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38367

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...

7.8CVSS6.6AI score0.00144EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38365

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a race between renames and directory logging We have a race between a rename and directory inode logging that if it happens and we crash/power fail before the rename completes, the next time the filesystem is mounted,...

4.7CVSS6.2AI score0.00114EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38380

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.6AI score
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38354

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling GPU immediately during boot There is a small chance that the GPU is already hot during boot. In that case, the call to ofdevfreqcoolingregister will immediately try to apply devfreq cooling,...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38394

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix memory corruption of inputhandlerlist In appletbkbdprobe an input handler is initialised and then registered with input core through inputregisterhandler. When this happens input core will add the input...

7.8CVSS6.6AI score0.00144EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38372

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling xastore and xaerase were used without holding the proper lock, which led to a lockdep warning due to unsafe RCU usage. This patch replaces them with xastore and xaerase...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•1 views

CVE-2025-38392

In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•5 views

CVE-2025-38396

In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...

7.8CVSS6.3AI score0.00163EPSS
Exploits0References29
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38355

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt-wq that we use to complete asynchronous removal of some GGTT nodes, this happends as part of the managed-d...

5.5CVSS6.2AI score0.00154EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38368

In the Linux kernel, the following vulnerability has been resolved: misc: tps6594-pfsm: Add NULL pointer check in tps6594pfsmprobe The returned value, pfsm-miscdev.name, from devmkasprintf could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similar to th...

5.5CVSS5.9AI score0.00148EPSS
Exploits0References28
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•8 views

CVE-2025-38402

In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation fail. Command: ethto...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•8 views

CVE-2025-38393

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

4.7CVSS6.3AI score0.00123EPSS
Exploits0References40
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38361

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dcehwseq before dereferencing it WHAT hws was checked for null earlier in dce110blankstream, indicating hws can be null, and should be checked whenever it is used. cherry picked from commit...

7.8CVSS6.3AI score0.00196EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38357

In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncatefoliobatchexceptionals The WARNONONCE is introduced on truncatefoliobatchexceptionals to capture whether the filesystem has removed all DAX entries or not. And the fix has been applied on the...

7.8CVSS6.2AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•7 views

CVE-2025-38401

In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Prevent memory corruption from DMA map failure If msdcpreparedata fails to map the DMA region, the request is not prepared for data receiving, but msdcstartdata proceeds the DMA with previous setting. Since this will lead...

7.8CVSS6.4AI score0.00168EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38388

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Replace mutex with rwlock to avoid sleep in atomic context The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:...

5.5CVSS5.9AI score0.00117EPSS
Exploits0References27
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•6 views

CVE-2025-38366

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "numcpu" from user space The maximum supported cpu number is EIOINTCROUTEMAXVCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...

7.8CVSS6.7AI score0.00145EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38387

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we may get a poisonous pointer. This fixes the crash below: mlx5core...

5.5CVSS6.2AI score0.0017EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38397

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix suspicious RCU usage warning When I run the NVME over TCP test in virtme-ng, I get the following "suspicious RCU usage" warning in nvmempathaddsysfslink: ''' 5.024557 T44 nvmet: Created nvm controller 1 for...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38370

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix failure to rebuild free space tree using multiple transactions If we are rebuilding a free space tree, while modifying the free space tree we may need to allocate a new metadata block group. If we end up using multiple...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38398

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: reallocate BAM transactions Using the mtdnandbiterrs module for testing the driver occasionally results in weird things like below. 1. swiotlb mapping fails with the following message: 85.926216 qcomsnand...

5.5CVSS6.1AI score0.00129EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•5 views

CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS6.3AI score0.00107EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38386

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in 1, a platform firmware update that increased the number of method parameters and forgot to update a least one of its callers, caused ACPICA to crash due ...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38356

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Explicitly exit CT safe mode on unwind During driver probe we might be briefly using CT safe mode, which is based on a delayed work, but usually we are able to stop this once we have IRQ fully operational. However, if...

5.5CVSS6.2AI score0.00154EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•3 views

CVE-2025-38359

In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix inatomic handling in dosecurestorageaccess Kernel user spaces accesses to not exported pages in atomic context incorrectly try to resolve the page fault. With debug options enabled call traces like this can be seen:...

5.5CVSS5.7AI score0.00104EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38395

In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpiodesc' pointers. But the memory is allocated for only one pointer. This will lead to out-of-bounds access later ...

7.1CVSS6.4AI score0.00164EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•4 views

CVE-2025-38363

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix a possible null pointer dereference In tegracrtcreset, new memory is allocated with kzalloc, but no check is performed. Before calling drmatomichelpercrtcreset, state should be checked to prevent possible null...

5.5CVSS6.3AI score0.00167EPSS
Exploits0References40
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•2 views

CVE-2025-38375

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdplinearizepage, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. This can lead to an...

7.8CVSS6.3AI score0.0017EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/07/25 1:15 p.m.•1 views

CVE-2025-38371

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereference in an interrupt context as shown in the following trace:...

5.5CVSS6.3AI score0.00161EPSS
Exploits0References41
UbuntuCve
UbuntuCve
•added 2025/07/25 12:0 a.m.•2 views

CVE-2025-54566

hw/pci/pciesriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327...

5.4CVSS5.9AI score0.0024EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/07/25 12:0 a.m.•1 views

CVE-2025-54567

hw/pci/pciesriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327...

5.4CVSS5.9AI score0.0024EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/07/24 3:15 p.m.•5 views

CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...

4.7CVSS6.3AI score0.00217EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/24 7:15 a.m.•3 views

CVE-2025-1299

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by...

4.3CVSS5.8AI score0.00298EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/07/24 7:15 a.m.•4 views

CVE-2025-7001

An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed priviledged users to access certain resourcegroup information through the API which should have been unavailable...

4.3CVSS5.8AI score0.00383EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/07/24 7:15 a.m.•3 views

CVE-2025-0765

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses...

4.3CVSS5.8AI score0.0038EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/07/24 7:15 a.m.•5 views

CVE-2025-4976

An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under certain circumstances, could have allowed an attacker to access internal notes in GitLab Duo responses...

5.3CVSS5.8AI score0.00392EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/07/23 9:15 p.m.•2 views

CVE-2025-53537

LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To workaround this issue, set suricata.yaml...

7.5CVSS5.9AI score0.0042EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/23 8:15 p.m.•3 views

CVE-2025-8058

The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation...

5.9CVSS6.8AI score0.00158EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/23 7:15 p.m.•2 views

CVE-2025-46686

Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...

3.5CVSS5.9AI score0.00263EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/07/23 6:15 p.m.•3 views

CVE-2025-4700

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS...

8.7CVSS5.8AI score0.00222EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/07/23 6:15 p.m.•5 views

CVE-2025-4439

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an authenticated user to perform cross-site scripting attacks when the instance is served through certain content delivery networks...

7.7CVSS5.7AI score0.00236EPSS
Exploits0References3
Total number of security vulnerabilities68528