20860 results (0.013 seconds)

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eeprom_readback message with a large |eeprom->v1.len, p54_rx_eeprom_readback() will copy data from the |message beyond the end of priv->eeprom. In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p5... • https://git.kernel.org/stable/c/7cb770729ba895f73253dfcd46c3fcba45d896f9 •

CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid syzbot reported a f2fs bug as below: INFO: task syz-executor140:5308 blocked for more than 143 seconds. • https://git.kernel.org/stable/c/98e4da8ca301e062d79ae168c67e56f3c3de3ce4 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE 0 Oops: Oops: 0000 [#1] SMP KASAN PTI Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS RIP: 0010:sized_strscpy+0x81/0x2f0 RSP: 0018:ffff88812d76fa08 EF... • https://git.kernel.org/stable/c/aba4b5c22cbac296f4081a0476d0c55828f135b4 •

CVSS: 6.6EPSS: 0%CPEs: 8EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing ... • https://git.kernel.org/stable/c/4fa430a8bca708c7776f6b9d001257f48b19a5b7 •

CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. ... acpi_init+0x2af/0x3 ---truncated--- In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work f... • https://git.kernel.org/stable/c/1e0e629e88b1f7751ce69bf70cda6d1598d45271 •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. ... In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. • https://git.kernel.org/stable/c/98686cd21624c75a043e96812beadddf4f6f48e5 •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_get_reference_args() software_node_get_reference_args() wants to get @index-th element, so the property value requires at least '(index + 1) * sizeof(*ref)' bytes but that can not be guaranteed by current OOB check, and may cause OOB for malformed property. In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_... • https://git.kernel.org/stable/c/59abd83672f70cac4b6bf9b237506c5bc6837606 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retains the ownership of the message on error. ... In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retains the ownership of the message on error. • https://git.kernel.org/stable/c/da3cde08209ec1c915195c2331c275397f34a731 •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info(), because the source string length was rounded up to the allocation size. In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info(), because the source strin... • https://git.kernel.org/stable/c/7c052c6615297ff32032105130cd5f02059f7ae4 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline arch_bpf_trampoline_size() provides JIT size of the BPF trampoline before the buffer for JIT'ing it is allocated. ... In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline arch_bpf_trampoline_size() provides JIT size of the BPF trampoline before the buffer for JIT'ing it is allocated. • https://git.kernel.org/stable/c/d243b62b7bd3d5314382d3b54e4992226245e936 •