CVE-2025-38644
- EPSS 0.15%
- Veröffentlicht 22.08.2025 16:00:49
- Zuletzt bearbeitet 07.01.2026 16:21:33
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211...
CVE-2025-38640
- EPSS 0.15%
- Veröffentlicht 22.08.2025 16:00:46
- Zuletzt bearbeitet 26.11.2025 16:36:32
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nf_hook_run_bpf(). syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in __bpf_prog_ru...
CVE-2025-38639
- EPSS 0.16%
- Veröffentlicht 22.08.2025 16:00:45
- Zuletzt bearbeitet 07.01.2026 16:25:53
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor...
CVE-2025-38635
- EPSS 0.16%
- Veröffentlicht 22.08.2025 16:00:43
- Zuletzt bearbeitet 07.01.2026 16:27:05
In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for th...
CVE-2025-38636
- EPSS 0.14%
- Veröffentlicht 22.08.2025 16:00:43
- Zuletzt bearbeitet 26.11.2025 17:12:06
In the Linux kernel, the following vulnerability has been resolved: rv: Use strings in da monitors tracepoints Using DA monitors tracepoints with KASAN enabled triggers the following warning: BUG: KASAN: global-out-of-bounds in do_trace_event_raw...
CVE-2025-38634
- EPSS 0.15%
- Veröffentlicht 22.08.2025 16:00:42
- Zuletzt bearbeitet 07.01.2026 16:28:09
In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the power_supply_get_by_name() function may return `NULL` instead of a...
CVE-2025-38632
- EPSS 0.1%
- Veröffentlicht 22.08.2025 16:00:40
- Zuletzt bearbeitet 26.11.2025 17:11:43
In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing mux_owner NULL with active mux_usecount commit 5a3e85c3c397 ("pinmux: Use sequential access to access desc->pinmux data") tried to address the issue when t...
CVE-2025-38631
- EPSS 0.15%
- Veröffentlicht 22.08.2025 16:00:39
- Zuletzt bearbeitet 26.11.2025 17:10:50
In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous externa...
CVE-2025-38630
- EPSS 0.15%
- Veröffentlicht 22.08.2025 16:00:38
- Zuletzt bearbeitet 07.01.2026 16:34:15
In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fb_modelist. If that h...
CVE-2025-38628
- EPSS 0.15%
- Veröffentlicht 22.08.2025 16:00:36
- Zuletzt bearbeitet 26.11.2025 17:09:59
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5_vdpa_free() is the single entrypoint for removing the vdpa device re...