6 matches found
CVE-2025-37750
CVE-2025-37750: Linux kernel SMB client UAF in decryption with multichannel resolved. After commits f7025d861694 and b0abcd65ec54, multiple cifsd threads could access the AEAD crypto context simultaneously, causing a use-after-free during decryption. The issue triggered KASAN reports (gf128mul_4k...
CVE-2025-22093
Summary (CVE-2025-22093) The Linux kernel DRM for AMD displays had a NULL pointer dereference risk when DMUB is unsupported on the ASIC. Specifically, ctx->dmub_srv could be NULL (tested in dm_dmub_sw_init) but was dereferenced in dmub_hw_lock_mgr_cmd if should_use_dmub_lock returned true. The...
CVE-2025-21819
Technical details for CVE-2025-21819 are not provided in the supplied documents; no affected product/version or remediation information is disclosed. Monitor for updates.
CVE-2025-38488
CVE-2025-38488 affects the Linux kernel SMB client path (crypt_message) where async crypto could lead to use-after-free when hardware accelerators return -EINPROGRESS. The issue arose after CVE-2024-50047 fixed async handling for all operations but hardware offload could still complete asynchrono...
CVE-2025-38588
CVE-2025-38588 affects the Linux kernel IPv6 path: an infinite loop in rt6_nlmsg_size() due to list_del_rcu() interactions with rt6_nh structures, potentially causing denial of service. The patch reworks the loop by restarting when f6i->fib6_nsiblings is zero, and kernel live patches/advisorie...
CVE-2025-38587
CVE-2025-38587 affects the Linux kernel IPv6 code: fib6_info_uses_dev() may loop indefinitely due to relying on RCU without explicit protection, risking an infinite loop if anchors are removed by fib6_del_route() or fib6_add_rt2node(). The vulnerability has been resolved in the kernel; advisories...