CVE-2025-38729
- EPSS 0.18%
- Veröffentlicht 04.09.2025 15:33:26
- Zuletzt bearbeitet 12.05.2026 13:17:03
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by...
CVE-2025-38727
- EPSS 0.15%
- Veröffentlicht 04.09.2025 15:33:25
- Zuletzt bearbeitet 14.07.2026 13:17:46
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->...
CVE-2025-38725
- EPSS 0.14%
- Veröffentlicht 04.09.2025 15:33:23
- Zuletzt bearbeitet 14.07.2026 13:17:45
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address rang...
CVE-2025-38724
- EPSS 0.16%
- Veröffentlicht 04.09.2025 15:33:22
- Zuletzt bearbeitet 12.05.2026 13:17:02
In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Lei Lu recently reported that nfsd4_setclientid_confirm() did not check the return value from get_client_loc...
CVE-2025-38723
- EPSS 0.15%
- Veröffentlicht 04.09.2025 15:33:16
- Zuletzt bearbeitet 12.05.2026 13:17:02
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix jump offset calculation in tailcall The extra pass of bpf_int_jit_compile() skips JIT context initialization which essentially skips offset calculation leaving ...
CVE-2025-38722
- EPSS 0.14%
- Veröffentlicht 04.09.2025 15:33:15
- Zuletzt bearbeitet 25.11.2025 21:47:55
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix UAF in export_dmabuf() As soon as we'd inserted a file reference into descriptor table, another thread could close it. That's fine for the case when all we are doi...
CVE-2025-38721
- EPSS 0.16%
- Veröffentlicht 04.09.2025 15:33:14
- Zuletzt bearbeitet 14.07.2026 13:17:42
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix refcount leak on table dump There is a reference count leak in ctnetlink_dump_table(): if (res < 0) { nf_conntrack_get(&ct->ct_gener...
CVE-2025-38718
- EPSS 0.15%
- Veröffentlicht 04.09.2025 15:33:12
- Zuletzt bearbeitet 17.03.2026 16:21:17
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzb...
CVE-2025-38717
- EPSS 0.1%
- Veröffentlicht 04.09.2025 15:33:11
- Zuletzt bearbeitet 25.11.2025 22:07:31
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are executed at the same time. kcm_unattach() is missing...
CVE-2025-38716
- EPSS 0.14%
- Veröffentlicht 04.09.2025 15:33:10
- Zuletzt bearbeitet 25.11.2025 22:07:21
In the Linux kernel, the following vulnerability has been resolved: hfs: fix general protection fault in hfs_find_init() The hfs_find_init() method can trigger the crash if tree pointer is NULL: [ 45.746290][ T9787] Oops: general protection faul...