CVE-2025-32463
- EPSS 47.47%
- Veröffentlicht 30.06.2025 00:00:00
- Zuletzt bearbeitet 05.11.2025 19:26:48
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
CVE-2025-38086
- EPSS 0.15%
- Veröffentlicht 28.06.2025 07:52:58
- Zuletzt bearbeitet 17.12.2025 16:36:11
In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during mii_nway_restart In mii_nway_restart() the code attempts to call mii->mdio_read which is ch9200_mdio_read(). ch9200_mdio_read() utilise...
CVE-2025-38085
- EPSS 0.11%
- Veröffentlicht 28.06.2025 07:44:26
- Zuletzt bearbeitet 18.12.2025 21:21:33
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning ...
CVE-2025-38084
- EPSS 0.15%
- Veröffentlicht 28.06.2025 07:44:25
- Zuletzt bearbeitet 18.12.2025 21:20:39
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VM...
CVE-2014-7210
- EPSS 0.43%
- Veröffentlicht 26.06.2025 20:52:47
- Zuletzt bearbeitet 06.08.2025 16:38:04
pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affec...
CVE-2025-38083
- EPSS 0.11%
- Veröffentlicht 20.06.2025 11:21:51
- Zuletzt bearbeitet 12.05.2026 13:16:42
In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 ...
CVE-2025-38079
- EPSS 0.18%
- Veröffentlicht 18.06.2025 09:33:53
- Zuletzt bearbeitet 12.05.2026 13:16:42
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it...
CVE-2025-38078
- EPSS 0.12%
- Veröffentlicht 18.06.2025 09:33:52
- Zuletzt bearbeitet 17.12.2025 17:57:43
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization (or reconfiguration) of a stream with the ...
CVE-2025-38077
- EPSS 0.19%
- Veröffentlicht 18.06.2025 09:33:51
- Zuletzt bearbeitet 17.12.2025 17:58:32
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() If the 'buf' array received from the user contains an empty string, the 'length' variable will be z...
CVE-2025-38074
- EPSS 0.17%
- Veröffentlicht 18.06.2025 09:33:50
- Zuletzt bearbeitet 17.12.2025 18:54:49
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex The vhost-scsi completion path may access vq->log_base when vq->log_used is already set to false. vhost-thread ...