CVE-2025-39828
- EPSS 0.16%
- Veröffentlicht 16.09.2025 13:00:26
- Zuletzt bearbeitet 12.05.2026 13:17:14
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). syzbot reported the splat below. [0] When atmtcp_v_open() or atmtcp_v_close() is called via connect() or close(), at...
CVE-2025-39827
- EPSS 0.13%
- Veröffentlicht 16.09.2025 13:00:25
- Zuletzt bearbeitet 14.07.2026 13:17:50
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in rose_neigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct rose_neigh tracks...
- EPSS 0.13%
- Veröffentlicht 16.09.2025 13:00:24
- Zuletzt bearbeitet 14.07.2026 13:17:50
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcount_t The 'use' field in struct rose_neigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a rose_...
CVE-2025-39824
- EPSS 0.15%
- Veröffentlicht 16.09.2025 13:00:23
- Zuletzt bearbeitet 12.05.2026 13:17:13
In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the ...
CVE-2025-39825
- EPSS 0.1%
- Veröffentlicht 16.09.2025 13:00:23
- Zuletzt bearbeitet 12.05.2026 13:17:13
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename(2) Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for ...
CVE-2025-39823
- EPSS 0.17%
- Veröffentlicht 16.09.2025 13:00:22
- Zuletzt bearbeitet 12.05.2026 13:17:13
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these val...
CVE-2025-39819
- EPSS 0.14%
- Veröffentlicht 16.09.2025 13:00:19
- Zuletzt bearbeitet 12.05.2026 13:17:13
In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in `smb2_compound_op`. Such inconsistent update could lead to possible resource lea...
CVE-2025-39817
- EPSS 0.15%
- Veröffentlicht 16.09.2025 13:00:17
- Zuletzt bearbeitet 12.05.2026 13:17:13
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 (present on master as well): BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: ka...
CVE-2025-39815
- EPSS 0.14%
- Veröffentlicht 16.09.2025 13:00:16
- Zuletzt bearbeitet 14.01.2026 19:16:42
In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand.
CVE-2025-39812
- EPSS 0.16%
- Veröffentlicht 16.09.2025 13:00:14
- Zuletzt bearbeitet 12.05.2026 13:17:12
In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctp_v6_from_sk() syzbot found that sin6_scope_id was not properly initialized, leading to undefined behavior. Clear sin6_scope_id and sin6_flowinf...