CVE-2025-2312
- EPSS 0.15%
- Veröffentlicht 25.03.2025 18:15:34
- Zuletzt bearbeitet 15.04.2026 00:35:42
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data fro...
CVE-2025-0927
- EPSS 0.05%
- Veröffentlicht 23.03.2025 15:00:47
- Zuletzt bearbeitet 08.04.2025 08:15:14
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That ...
CVE-2023-52927
- EPSS 0.29%
- Veröffentlicht 14.03.2025 14:25:59
- Zuletzt bearbeitet 14.07.2026 13:17:05
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in s...
CVE-2025-21862
- EPSS 0.22%
- Veröffentlicht 12.03.2025 09:42:19
- Zuletzt bearbeitet 12.05.2026 13:16:39
In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU#1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 0000...
CVE-2025-21859
- EPSS 0.16%
- Veröffentlicht 12.03.2025 09:42:12
- Zuletzt bearbeitet 12.05.2026 13:16:38
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: f_midi: f_midi_complete to call queue_work When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to f_midi_transmit, causing a deadlo...
CVE-2025-21858
- EPSS 0.23%
- Veröffentlicht 12.03.2025 09:42:11
- Zuletzt bearbeitet 12.05.2026 13:16:38
In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a use-after-free in geneve_find_dev() [0] without repro. geneve_configure() links struct geneve_dev.next to net...
CVE-2025-21855
- EPSS 0.21%
- Veröffentlicht 12.03.2025 09:42:09
- Zuletzt bearbeitet 03.11.2025 20:17:22
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Don't reference skb after sending to VIOS Previously, after successfully flushing the xmit buffer to VIOS, the tx_bytes stat was incremented by the length of the skb. It ...
CVE-2025-21846
- EPSS 0.21%
- Veröffentlicht 12.03.2025 09:42:02
- Zuletzt bearbeitet 14.07.2026 13:17:24
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that trigg...
CVE-2025-21835
- EPSS 0.2%
- Veröffentlicht 07.03.2025 09:15:16
- Zuletzt bearbeitet 12.05.2026 13:16:37
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct inf...
CVE-2025-21838
- EPSS 0.19%
- Veröffentlicht 07.03.2025 09:15:16
- Zuletzt bearbeitet 03.11.2025 20:17:21
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal device_del() can lead to new work being scheduled in gadget->work workqueue. This is observed, for example, with the ...