CVE-2025-37738
- EPSS 0.17%
- Veröffentlicht 01.05.2025 12:55:47
- Zuletzt bearbeitet 04.11.2025 18:17:03
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: =====...
CVE-2025-23161
- EPSS 0.12%
- Veröffentlicht 01.05.2025 12:55:46
- Zuletzt bearbeitet 05.11.2025 17:51:58
In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be ...
CVE-2025-23162
- EPSS 0.15%
- Veröffentlicht 01.05.2025 12:55:46
- Zuletzt bearbeitet 05.11.2025 15:32:30
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Don't try to trigger a full GT reset if VF VFs don't have access to the GDRST(0x941c) register that driver uses to reset a GT. Attempt to trigger a reset using debugfs: ...
CVE-2025-23143
- EPSS 0.18%
- Veröffentlicht 01.05.2025 12:55:33
- Zuletzt bearbeitet 14.07.2026 13:17:32
In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. When I ran the repro [0] and waited a few seconds, I observed two LOCKDEP splats: a warning immediately follow...
CVE-2025-23141
- EPSS 0.17%
- Veröffentlicht 01.05.2025 12:55:31
- Zuletzt bearbeitet 01.06.2026 17:16:34
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extreme edge case wher...
CVE-2025-37838
- EPSS 0.19%
- Veröffentlicht 18.04.2025 14:20:55
- Zuletzt bearbeitet 03.11.2025 20:18:37
In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition In the ssi_protocol_probe() function, &ssi->work is bound with ssip_xmit_work(), In...
CVE-2025-37925
- EPSS 0.23%
- Veröffentlicht 18.04.2025 07:01:29
- Zuletzt bearbeitet 03.11.2025 18:15:55
In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 3...
CVE-2025-37785
- EPSS 0.24%
- Veröffentlicht 18.04.2025 07:01:27
- Zuletzt bearbeitet 14.07.2026 13:17:33
In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (la...
CVE-2021-47668
- EPSS 0.17%
- Veröffentlicht 17.04.2025 18:01:29
- Zuletzt bearbeitet 21.04.2025 18:41:27
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after t...
CVE-2020-36789
- EPSS 0.16%
- Veröffentlicht 17.04.2025 18:01:28
- Zuletzt bearbeitet 01.10.2025 17:15:31
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case),...