CVE-2025-37962
- EPSS 0.15%
- Veröffentlicht 20.05.2025 16:15:34
- Zuletzt bearbeitet 16.12.2025 20:29:12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parse_lease_state() The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the functio...
CVE-2025-37963
- EPSS 0.16%
- Veröffentlicht 20.05.2025 16:15:34
- Zuletzt bearbeitet 16.12.2025 20:29:30
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs nee...
CVE-2025-37964
- EPSS 0.15%
- Veröffentlicht 20.05.2025 16:15:34
- Zuletzt bearbeitet 16.12.2025 20:30:11
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr: There is a window in the mm switching code where the new CR3 is set and the CPU should be getting TLB...
CVE-2025-37951
- EPSS 0.15%
- Veröffentlicht 20.05.2025 16:15:33
- Zuletzt bearbeitet 17.12.2025 20:05:00
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the reset was skipped When a CL/CSD job times out, we check if the GPU has made any progress since the last timeout. If so, instead of resetting...
CVE-2025-37953
- EPSS 0.15%
- Veröffentlicht 20.05.2025 16:15:33
- Zuletzt bearbeitet 17.12.2025 20:04:41
In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following ...
CVE-2025-37947
- EPSS 0.2%
- Veröffentlicht 20.05.2025 16:15:32
- Zuletzt bearbeitet 17.03.2026 15:56:07
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating *pos ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream...
CVE-2025-37948
- EPSS 0.16%
- Veröffentlicht 20.05.2025 16:15:32
- Zuletzt bearbeitet 18.12.2025 20:57:12
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen nex...
CVE-2025-37949
- EPSS 0.16%
- Veröffentlicht 20.05.2025 16:15:32
- Zuletzt bearbeitet 17.12.2025 20:05:13
In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RI...
CVE-2025-37940
- EPSS 0.13%
- Veröffentlicht 20.05.2025 15:58:17
- Zuletzt bearbeitet 19.12.2025 17:44:15
In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched() to ftrace_graph_set_hash() When the kernel contains a large number of functions that can be traced, the loop in ftrace_graph_set_hash() may take a lot of...
CVE-2025-37938
- EPSS 0.16%
- Veröffentlicht 20.05.2025 15:34:40
- Zuletzt bearbeitet 19.12.2025 17:44:09
In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace e...