CVE-2025-37822
- EPSS 0.21%
- Veröffentlicht 08.05.2025 06:26:16
- Zuletzt bearbeitet 17.03.2026 15:02:19
In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL (execute out-of-line) buffer is used to single-step the replaced instruction(s) for uprobes. The RISC-V po...
CVE-2025-37823
- EPSS 0.18%
- Veröffentlicht 08.05.2025 06:26:16
- Zuletzt bearbeitet 10.11.2025 15:52:37
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable rep...
CVE-2025-37820
- EPSS 0.16%
- Veröffentlicht 08.05.2025 06:26:14
- Zuletzt bearbeitet 12.11.2025 21:24:20
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() The function xdp_convert_buff_to_frame() may return NULL if it fails to correctly convert the XDP buffer into an X...
CVE-2025-37819
- EPSS 0.17%
- Veröffentlicht 08.05.2025 06:26:13
- Zuletzt bearbeitet 12.11.2025 21:25:03
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may ge...
CVE-2025-37816
- EPSS 0.17%
- Veröffentlicht 08.05.2025 06:26:12
- Zuletzt bearbeitet 12.11.2025 21:37:34
In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid counted_by() use gcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf[] and the vsc-tp.c code is using this in a wrong w...
CVE-2025-37817
- EPSS 0.18%
- Veröffentlicht 08.05.2025 06:26:12
- Zuletzt bearbeitet 12.11.2025 21:36:47
In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleon_parse_gdd() In chameleon_parse_gdd(), if mcb_device_register() fails, 'mdev' would be released in mcb_device_register() via put_device(). Th...
CVE-2025-37815
- EPSS 0.16%
- Veröffentlicht 08.05.2025 06:26:11
- Zuletzt bearbeitet 12.11.2025 21:37:45
In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acqu...
CVE-2025-37813
- EPSS 0.16%
- Veröffentlicht 08.05.2025 06:26:10
- Zuletzt bearbeitet 12.11.2025 21:38:20
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link ...
CVE-2025-37812
- EPSS 0.13%
- Veröffentlicht 08.05.2025 06:26:09
- Zuletzt bearbeitet 12.11.2025 21:39:11
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 ("usb: cdnsp: Fix deadlock issue during using NCM...
CVE-2025-37810
- EPSS 0.19%
- Veröffentlicht 08.05.2025 06:26:08
- Zuletzt bearbeitet 12.11.2025 21:40:46
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but ...