CVE-2025-39839
- EPSS 0.16%
- Veröffentlicht 19.09.2025 15:26:14
- Zuletzt bearbeitet 12.05.2026 13:17:14
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against skb->len. XOR starts at sizeof(struct batadv_unicast_...
CVE-2025-39838
- EPSS 0.15%
- Veröffentlicht 19.09.2025 15:26:13
- Zuletzt bearbeitet 12.05.2026 13:17:14
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to __cifs_sfu_make_node without checks, which passes it ...
CVE-2022-50380
- EPSS 0.15%
- Veröffentlicht 18.09.2025 13:33:02
- Zuletzt bearbeitet 14.01.2026 19:16:11
In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smaps_rollup: fix no vma's null-deref Commit 258f669e7e88 ("mm: /proc/pid/smaps_rollup: convert to single value seq_file") introduced a null-deref if there are no vma...
CVE-2025-59691
- EPSS 0.2%
- Veröffentlicht 18.09.2025 00:00:00
- Zuletzt bearbeitet 15.04.2026 00:35:42
PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv...
CVE-2025-59692
- EPSS 0.19%
- Veröffentlicht 18.09.2025 00:00:00
- Zuletzt bearbeitet 15.04.2026 00:35:42
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been confi...
CVE-2025-39836
- EPSS 0.14%
- Veröffentlicht 16.09.2025 13:08:52
- Zuletzt bearbeitet 14.01.2026 19:16:44
In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setup_mm_hdr() is later on passed to tee_shm_register_kernel_buf(). The latter expects those...
CVE-2025-39835
- EPSS 0.16%
- Veröffentlicht 16.09.2025 13:08:51
- Zuletzt bearbeitet 12.05.2026 13:17:14
In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could n...
CVE-2025-39833
- EPSS 0.12%
- Veröffentlicht 16.09.2025 13:08:50
- Zuletzt bearbeitet 14.01.2026 19:16:44
In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIG_DEBUG_OBJECTS_TIMERS unloading hfcpci module leads to the following splat: [ 250.215892] ODEBUG: assert_i...
CVE-2025-39832
- EPSS 0.11%
- Veröffentlicht 16.09.2025 13:08:49
- Zuletzt bearbeitet 14.01.2026 19:16:44
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink r...
CVE-2025-39829
- EPSS 0.14%
- Veröffentlicht 16.09.2025 13:00:27
- Zuletzt bearbeitet 14.01.2026 19:16:43
In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already regi...