CVE-2025-37900
- EPSS 0.16%
- Veröffentlicht 20.05.2025 15:21:35
- Zuletzt bearbeitet 19.11.2025 14:43:49
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommu_copy_struct_from_user() In the review for iommu_copy_struct_to_user() helper, Matt pointed out that a NULL pointer should be rejected prior to derefe...
CVE-2025-37899
- EPSS 0.38%
- Veröffentlicht 20.05.2025 15:21:34
- Zuletzt bearbeitet 06.12.2025 22:15:50
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to b...
CVE-2025-37897
- EPSS 0.16%
- Veröffentlicht 20.05.2025 15:21:33
- Zuletzt bearbeitet 19.11.2025 14:37:37
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release plfxlc_mac_release() asserts that mac->lock is held. This assertion is incorrect, because even if it was possible, it wo...
CVE-2025-37892
- EPSS 0.16%
- Veröffentlicht 20.05.2025 11:15:48
- Zuletzt bearbeitet 12.11.2025 20:35:43
In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftl_read_oob() In INFTL_findwriteunit(), the return value of inftl_read_oob() need to be checked. A proper implementation can be found in INFT...
CVE-2025-37891
- EPSS 0.21%
- Veröffentlicht 19.05.2025 07:19:04
- Zuletzt bearbeitet 17.11.2025 19:21:12
In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and ...
CVE-2025-37890
- EPSS 0.16%
- Veröffentlicht 16.05.2025 13:01:12
- Zuletzt bearbeitet 17.11.2025 17:11:57
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The...
CVE-2024-28956
- EPSS 0.37%
- Veröffentlicht 13.05.2025 21:15:59
- Zuletzt bearbeitet 14.07.2026 13:17:07
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37889
- EPSS 0.23%
- Veröffentlicht 09.05.2025 06:45:50
- Zuletzt bearbeitet 17.11.2025 17:13:03
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platform_max as control value This reverts commit 9bdd10d57a88 ("ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min"), and makes some addit...
CVE-2025-37887
- EPSS 0.23%
- Veröffentlicht 09.05.2025 06:45:49
- Zuletzt bearbeitet 12.11.2025 19:36:44
In the Linux kernel, the following vulnerability has been resolved: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command the driver might at the least print garbage and at the wor...
CVE-2025-37885
- EPSS 0.26%
- Veröffentlicht 09.05.2025 06:45:48
- Zuletzt bearbeitet 12.11.2025 19:36:29
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IR...