CVE-2025-38185
- EPSS 0.16%
- Veröffentlicht 04.07.2025 13:37:11
- Zuletzt bearbeitet 18.12.2025 16:53:27
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcp_c_send(). syzbot reported the splat below. [0] vcc_sendmsg() copies data passed from userspace to skb and passes it to vcc->dev->ops...
CVE-2025-38183
- EPSS 0.16%
- Veröffentlicht 04.07.2025 13:37:10
- Zuletzt bearbeitet 18.12.2025 16:49:42
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() Before calling lan743x_ptp_io_event_clock_get(), the 'channel' value is checked against the maxi...
CVE-2025-38180
- EPSS 0.17%
- Veröffentlicht 04.07.2025 13:37:08
- Zuletzt bearbeitet 18.12.2025 15:36:58
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imb...
CVE-2025-38181
- EPSS 0.17%
- Veröffentlicht 04.07.2025 13:37:08
- Zuletzt bearbeitet 18.12.2025 16:49:32
In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct soc...
CVE-2025-38177
- EPSS 0.15%
- Veröffentlicht 04.07.2025 12:47:09
- Zuletzt bearbeitet 18.12.2025 16:48:54
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease ...
CVE-2025-38174
- EPSS 0.15%
- Veröffentlicht 04.07.2025 10:39:55
- Zuletzt bearbeitet 18.12.2025 16:46:25
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tb_cfg_request_dequeue(): general protection fault, probably for non-canonical address 0xd...
CVE-2025-38173
- EPSS 0.15%
- Veröffentlicht 03.07.2025 08:36:10
- Zuletzt bearbeitet 18.12.2025 20:53:34
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0.
CVE-2025-38170
- EPSS 0.14%
- Veröffentlicht 03.07.2025 08:36:09
- Zuletzt bearbeitet 18.12.2025 20:53:13
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can re...
CVE-2025-38166
- EPSS 0.15%
- Veröffentlicht 03.07.2025 08:36:06
- Zuletzt bearbeitet 18.12.2025 20:51:59
In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.94...
CVE-2025-38167
- EPSS 0.14%
- Veröffentlicht 03.07.2025 08:36:06
- Zuletzt bearbeitet 12.05.2026 13:16:43
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdr_first_de() return value The hdr_first_de() function returns a pointer to a struct NTFS_DE. This pointer may be NULL. To handle the NULL error effectively, it i...