CVE Daily
← All years

Uncategorized 2025

Page 3/22.

CVEs without a recognized CWE (not present in the CWE map or marked as N/A).

CVSS ≥ 0.0
2025-07-25
Low

CVE-2025-38365

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a race between renames and directory logging We have a race between a rename and directory inode logging that if it ha…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38364

In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() Temporarily clear the preallocation flag when explicitly requesting a…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38363

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix a possible null pointer dereference In tegra_crtc_reset(), new memory is allocated with kzalloc(), but no check is…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38361

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dce_hwseq before dereferencing it [WHAT] hws was checked for null earlier in dce110_blank_stream, indicat…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38360

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees [WHY] For non-zero DSC instances it's possible that the HUBP domai…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38359

In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix in_atomic() handling in do_secure_storage_access() Kernel user spaces accesses to not exported pages in atomic conte…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and close_ctree() Syzbot reported an assertion failure due to an attempt to add a de…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38357

In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncate_folio_batch_exceptionals() The WARN_ON_ONCE is introduced on truncate_folio_batch_exception…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38356

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Explicitly exit CT safe mode on unwind During driver probe we might be briefly using CT safe mode, which is based on…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38355

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt->wq th…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38354

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling GPU immediately during boot There is a small chance that the GPU is already hot during boo…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is…

CVSS: N/ACWE: N/A
Read more
Medium

CVE-2025-7022

The My Reservation System WordPress plugin through 2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used…

CVSS: 6.1CWE: N/A
Read more
2025-07-23
Medium

CVE-2025-6174

The Qwizcards | online quizzes and flashcards WordPress plugin through 3.9.4 does not sanitise and escape the "_stylesheet" parameter before outputting it back in the page, leading to a Reflected Cro…

CVSS: 6.1CWE: N/A
Read more
2025-07-22
High

CVE-2015-10140

The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files.

CVSS: 8.8CWE: N/A
Read more
Low

CVE-2025-38352

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has alr…

CVSS: N/ACWE: N/A
Read more
2025-07-19
Low

CVE-2025-38351

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38350

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue han…

CVSS: N/ACWE: N/A
Read more
2025-07-18
Medium

CVE-2025-45156

Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users.

CVSS: 5.3CWE: N/A
Read more
Low

CVE-2025-38349

In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep re…

CVSS: N/ACWE: N/A
Read more
2025-07-17
Medium

CVE-2025-23269

NVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due to a shared microarchitectural predictor state that influences transien…

CVSS: 4.7CWE: N/A
Read more
Medium

CVE-2025-4302

The Stop User Enumeration WordPress plugin before version 1.7.3 blocks REST API /wp-json/wp/v2/users/ requests for non-authorized users. However, this can be bypassed by URL-encoding the API path.

CVSS: 5.3CWE: N/A
Read more
2025-07-16
Medium

CVE-2025-40913

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an…

CVSS: 6.5CWE: N/A
Read more
2025-07-15
High

CVE-2025-50106

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u4…

CVSS: 8.1CWE: N/A
Read more
Medium

CVE-2025-50068

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vuln…

CVSS: 6.7CWE: N/A
Read more
High

CVE-2025-50063

Vulnerability in Oracle Java SE (component: Install). The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to…

CVSS: 7.3CWE: N/A
Read more
High

CVE-2025-30749

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u4…

CVSS: 8.1CWE: N/A
Read more
High

CVE-2024-42650

NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH mess…

CVSS: 7.5CWE: N/A
Read more
2025-07-14
High

CVE-2024-26293

The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issu…

CVSS: 8.7CWE: N/A
Read more
Low

CVE-2025-7577

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded…

CVSS: 3.7CWE: CWE-255
Read more
2025-07-11
Low

CVE-2025-7453

A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the comp…

CVSS: 3.7CWE: CWE-255
Read more
High

CVE-2025-30403

A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00.

CVSS: 8.1CWE: N/A
Read more
High

CVE-2025-30402

A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects Exec…

CVSS: 8.1CWE: N/A
Read more
High

CVE-2025-7029

A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used to derive pointers (OcHeader, OcData) passed into power and therm…

CVSS: 8.2CWE: N/A
Read more
High

CVE-2025-7028

A vulnerability in the Software SMI handler (SwSmiInputValue 0x20) allows a local attacker to supply a crafted pointer (FuncBlock) through RBX and RCX register values. This pointer is passed unchecke…

CVSS: 7.8CWE: N/A
Read more
High

CVE-2025-7027

A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived f…

CVSS: 8.2CWE: N/A
Read more
High

CVE-2025-7026

A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the conte…

CVSS: 8.2CWE: N/A
Read more
Medium

CVE-2025-2942

The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an unauthenticated AJAX action, allowing attackers to retrieve such in…

CVSS: 4.3CWE: N/A
Read more
2025-07-10
Low

CVE-2025-38348

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Robert Morris reported: |If a malicious USB device pretends to be…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38347

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for mo…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38346

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38345

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache l…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38344

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I w…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38343

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38342

In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_get_reference_args() software_node_get_reference_args() wants to get @index-t…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38341

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retains the own…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38339

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline arch_bpf_trampoline_size() provides JIT size of the BPF trampoline b…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38338

In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() Sometimes, when a file was read while it was being truncated by an…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38337

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() Since handle->h_transaction may be a NULL pointer, so we…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38336

In the Linux kernel, the following vulnerability has been resolved: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38335

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38334

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary st…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38333

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to bail out in get_new_segment() ------------[ cut here ]------------ WARNING: CPU: 3 PID: 579 at fs/f2fs/segment.c:283…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38332

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target b…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38331

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TC…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38330

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) KASAN reported out of bounds access - cs_dsp_ctl_cache_ini…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38329

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info) KASAN reported out of bounds access - cs_dsp_mock_wmfw_add…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38328

In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2_prealloc_raw_node_refs() result in few other places Fuzzing hit another invalid pointer dereference due to the…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38327

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable function_graph tracer when setting funcgraph-args When setting the funcgraph-args option when function grap…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38326

In the Linux kernel, the following vulnerability has been resolved: aoe: clean device rq_list in aoedev_downdev() An aoe device's rq_list contains accepted block requests that are waiting to be tra…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38325

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add free_transport ops in ksmbd connection free_transport function for tcp connection can be called from smbdirect. It wil…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38324

In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu(). As syzbot reported [0], mpls_route_input_rcu() can be called from mpl…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38323

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and found an error path in lecd_attach() could leave a dangling po…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38322

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in icl_update_topdown_event() The perf_fuzzer found a hard-lockup crash on a RaptorLake machine: Oop…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38321

In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs() can't move the dentries t…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38320

In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() KASAN reports a stack-out-of-bounds read in regs_get_ke…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38319

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table The function atomctrl_initialize_mc_reg_ta…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38318

In the Linux kernel, the following vulnerability has been resolved: perf: arm-ni: Fix missing platform_set_drvdata() Add missing platform_set_drvdata in arm_ni_probe(), otherwise calling platform_g…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38317

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix buffer overflow in debugfs If the user tries to write more than 32 bytes then it results in memory corruption.…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38316

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996_set_monitor() The function mt7996_set_monitor() dereferences phy bef…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38315

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btintel_dsbr is already known, we can just start t…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38314

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtio_pci_admin_dev_parts_get(…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38313

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the deallocations are done but, in the process, in…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38312

In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() In fb_find_mode_cvt(), iff mode->refresh somehow happens to be 0x8000…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38311

In the Linux kernel, the following vulnerability has been resolved: iavf: get rid of the crit lock Get rid of the crit lock. That frees us from the error prone logic of try_locks. Thanks to netdev…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38310

In the Linux kernel, the following vulnerability has been resolved: seg6: Fix validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creati…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38308

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avs_dai_find_path_template() shall be verified bef…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38307

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parse_int_array() The first element of the returned array stores its length. If it i…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38306

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38305

In the Linux kernel, the following vulnerability has been resolved: ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() There is no disagreement that we should check both ptp->is_virtual_…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38304

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eir_get_service_data The len parameter is considered optional so it can be NULL so it ca…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38303

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eir_create_adv_data eir_create_adv_data may attempt to add EIR_FLAGS and EIR_TX_POWER wit…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38302

In the Linux kernel, the following vulnerability has been resolved: block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work Bios queued up in the zone write plug have already gone thr…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38301

In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: unbreak driver after cleanup Commit 29be47fcd6a0 ("nvmem: zynqmp_nvmem: zynqmp_nvmem_probe cleanup") changed…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38300

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() Fix two DMA cleanup issues on the error path in sun8i_c…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() ETDM2_IN_BE and ETDM1_OUT_BE are defined as COMP_EMPTY(), in the case…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38298

In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fix general protection fault After loading i10nm_edac (which automatically loads skx_edac_common), if unload onl…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38297

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in em_compute_costs() When the device is of a non-CPU type, table[i].performance won…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38296

In the Linux kernel, the following vulnerability has been resolved: ACPI: platform_profile: Avoid initializing on non-ACPI platforms The platform profile driver is loaded even on platforms that do…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38295

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() The Amlogic DDR PMU driver meson_d…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38294

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when ath12k_mac_assign_vif_to_vdev() fails, the radio…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38293

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes th…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38292

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38291

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash Currently, we encounter the following kernel call tr…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38290

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath12k_core_halt() only reinitializes th…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38289

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp ojec…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38288

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels Correct kernel call trace when calling smp_processor_id…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38287

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cm_id has advanced to another…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38286

In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91: Fix possible out-of-boundary access at91_gpio_probe() doesn't check that given OF alias is not available or someth…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38285

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 g…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38284

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: configure manual DAC mode via PCI config API only To support 36-bit DMA, configure chip proprietary bit via PCI…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38283

In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38282

In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle provides the break/unbreak mechanism but the active ref…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38281

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Add NULL check in mt7996_thermal_init devm_kasprintf() can return a NULL pointer on failure,but this returned…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38280

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid __bpf_prog_ret0_warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 _…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38279

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following w…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38278

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback This patch addresses below issues, 1. Active traffic on the leaf node…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38277

In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of uninitialized variable ret If ctx->steps is zero, the loop processing ECC steps is skipped, and t…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38276

In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fix "don't skip locked entries when scanning entries" Commit 6be3e21d25ca ("fs/dax: don't skip locked entries when scanni…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38275

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap() helper function currently returns the raw result of devm_iorem…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() fpga_mgr_test_img_load_sgt() allocates memory for sgt usin…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38273

In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix refcount warning in tipc_aead_encrypt syzbot reported a refcount warning [1] caused by calling get_net() on a netw…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38272

In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx internal switches do not support EEE, but provide multiple RGMII ports where…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38271

In the Linux kernel, the following vulnerability has been resolved: net: prevent a NULL deref in rtnl_create_link() At the time rtnl_create_link() is running, dev->netdev_ops is NULL, we must not u…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38270

In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napi_complete() from netpoll netdevsim supports netpoll. Make sure we don't call napi_complete() from…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38269

In the Linux kernel, the following vulnerability has been resolved: btrfs: exit after state insertion failure at btrfs_convert_extent_bit() If insert_state() state failed it returns an error pointe…

CVSS: N/ACWE: N/A
Read more
Low

CVE-2025-38268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work A state check was previously added to tcpm_queue_vdm_unlocked…

CVSS: N/ACWE: N/A
Read more
>