- EPSS 0.18%
- Veröffentlicht 24.10.2025 12:24:59
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in struct vhost_task. vhost_task_create() creates a task and keeps a reference to its task_struct. That task may exit early via a signal and its...
- EPSS 0.19%
- Veröffentlicht 24.10.2025 12:24:57
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it should also check the l...
- EPSS 0.19%
- Veröffentlicht 24.10.2025 12:24:56
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 (which is the case for PC CAN FD interfaces suppo...
- EPSS 0.27%
- Veröffentlicht 24.10.2025 11:44:29
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encry...
- EPSS 0.19%
- Veröffentlicht 24.10.2025 11:44:28
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flus...
CVE-2025-62526
- EPSS 0.25%
- Veröffentlicht 22.10.2025 14:59:43
- Zuletzt bearbeitet 30.10.2025 17:21:42
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitra...
CVE-2025-62525
- EPSS 0.17%
- Veröffentlicht 22.10.2025 14:59:15
- Zuletzt bearbeitet 30.10.2025 17:34:02
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. Thi...
- EPSS 0.23%
- Veröffentlicht 20.10.2025 15:29:10
- Zuletzt bearbeitet 18.04.2026 09:16:12
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Termin...
- EPSS 0.23%
- Veröffentlicht 20.10.2025 15:29:09
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widget_load_module_common() could return NULL or an erro...
- EPSS 0.22%
- Veröffentlicht 20.10.2025 15:26:57
- Zuletzt bearbeitet 15.04.2026 00:35:42
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix warning in smc_rx_splice() when calling get_page() smc_lo_register_dmb() allocates DMB buffers with kzalloc(), which are later passed to get_page() in smc_rx_splice()....