CVE-2025-38420
- EPSS 0.17%
- Veröffentlicht 25.07.2025 15:15:26
- Zuletzt bearbeitet 23.12.2025 18:42:01
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports [1, 2] crashes caused by an attempts to ping the device which has failed to load firmware. Si...
CVE-2025-38421
- EPSS 0.16%
- Veröffentlicht 25.07.2025 15:15:26
- Zuletzt bearbeitet 19.11.2025 18:59:33
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev->...
CVE-2025-38414
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:33
- Zuletzt bearbeitet 19.11.2025 18:59:15
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 GCC_GCC_PCIE_HOT_RST is wrongly defined for WCN7850, causing kernel crash on some specific platforms. Since this regi...
CVE-2025-38415
- EPSS 0.18%
- Veröffentlicht 25.07.2025 14:15:33
- Zuletzt bearbeitet 23.12.2025 18:45:31
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfs_bio_read" bug. Syzkaller forks multiple processes which after mounti...
CVE-2025-38416
- EPSS 0.18%
- Veröffentlicht 25.07.2025 14:15:33
- Zuletzt bearbeitet 23.12.2025 18:45:10
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty->disc_data only in success path Setting tty->disc_data before opening the NCI device means we need to clean it up on error paths. This also opens some shor...
CVE-2025-38418
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:33
- Zuletzt bearbeitet 23.12.2025 18:42:58
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc->clean_table after rproc_attach() fails When rproc->state = RPROC_DETACHED is attached to remote processor through rproc_attach(), if rproc_handle_r...
CVE-2025-38419
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:33
- Zuletzt bearbeitet 23.12.2025 18:42:25
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() When rproc->state = RPROC_DETACHED and rproc_attach() is used to attach to the re...
CVE-2025-38405
- EPSS 0.16%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 19.11.2025 18:18:34
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio->bi_integrity. Since c...
CVE-2025-38406
- EPSS 0.17%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 23.12.2025 19:45:18
In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do with the driver's stack at this point etc., so the WARN_ON() doesn't add any v...
CVE-2025-38407
- EPSS 0.15%
- Veröffentlicht 25.07.2025 14:15:32
- Zuletzt bearbeitet 19.11.2025 18:19:03
In the Linux kernel, the following vulnerability has been resolved: riscv: cpu_ops_sbi: Use static array for boot_data Since commit 6b9f29b81b15 ("riscv: Enable pcpu page first chunk allocator"), if NUMA is enabled, the page percpu allocator may be...