CVE-2025-38426
- EPSS 0.16%
- Veröffentlicht 25.07.2025 15:15:27
- Zuletzt bearbeitet 25.03.2026 11:16:11
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add basic validation for RAS header If RAS header read from EEPROM is corrupted, it could result in trying to allocate huge memory for reading the records. Add some val...
CVE-2025-38428
- EPSS 0.18%
- Veröffentlicht 25.07.2025 15:15:27
- Zuletzt bearbeitet 23.12.2025 18:28:26
In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in ims_pcu_flash_firmware() The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check...
CVE-2025-38430
- EPSS 0.17%
- Veröffentlicht 25.07.2025 15:15:27
- Zuletzt bearbeitet 12.05.2026 13:16:49
In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined resu...
CVE-2025-38420
- EPSS 0.17%
- Veröffentlicht 25.07.2025 15:15:26
- Zuletzt bearbeitet 23.12.2025 18:42:01
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports [1, 2] crashes caused by an attempts to ping the device which has failed to load firmware. Si...
CVE-2025-38415
- EPSS 0.18%
- Veröffentlicht 25.07.2025 14:15:33
- Zuletzt bearbeitet 23.12.2025 18:45:31
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfs_bio_read" bug. Syzkaller forks multiple processes which after mounti...
CVE-2025-38406
- EPSS 0.17%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 23.12.2025 19:45:18
In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do with the driver's stack at this point etc., so the WARN_ON() doesn't add any v...
CVE-2025-38408
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 17.03.2026 13:42:15
In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize `ops` member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work co...
CVE-2025-38409
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 23.12.2025 19:46:10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path put_unused_fd() doesn't free the installed file, if we've already done fd_install(). So we need to also free the sync_file. Pat...
CVE-2025-38410
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 23.12.2025 19:46:32
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drm_sched_entity_push_job(), so msm_job_free() will never get called. Sinc...
CVE-2025-38403
- EPSS 0.18%
- Veröffentlicht 25.07.2025 14:15:31
- Zuletzt bearbeitet 23.12.2025 19:42:42
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any u...