Latest CVE Feed
-
0.0
NACVE-2025-38727
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rc... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-38714
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() The hfsplus_bnode_read() method can trigger the issue: [ 174.852007][ T9784] ==================================================... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38730
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: commit partial buffers on retry Ring provided buffers are potentially only valid within the single execution context in which they were acquired. io_uring deals with this ... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38697
In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happe... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38694
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() In dib7090p_rw_on_apb, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former check... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38680
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() The buffer length check before calling uvc_parse_format() only ensured that the buffer has at least 3 bytes (buflen ... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38707
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size.... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-38723
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix jump offset calculation in tailcall The extra pass of bpf_int_jit_compile() skips JIT context initialization which essentially skips offset calculation leaving out_o... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-38679
In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The event_seq_changed() handler processes a variable number of properties sent by the firmware. The number of pr... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38698
In the Linux kernel, the following vulnerability has been resolved: jfs: Regular file corruption check The reproducer builds a corrupted file on disk with a negative i_size value. Add a check when opening this file to avoid subsequent operation failures... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Misconfiguration
-
4.2
MEDIUMCVE-2025-23302
NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the LS10 could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.... Read more
Affected Products :- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-38701
In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr A syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data() when an inode had the INLINE_DATA_FL flag set but was ... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-38718
In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. syzbot re... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38696
In the Linux kernel, the following vulnerability has been resolved: MIPS: Don't crash in stack_top() for tasks without ABI or vDSO Not all tasks have an ABI associated or vDSO mapped, for example kthreads never do. If such a task ever ends up calling st... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38703
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if usersp... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38713
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() The hfsplus_readdir() method is capable to crash by calling hfsplus_uni2asc(): [ 667.121659][ T9805] ========================... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-23261
NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users.... Read more
Affected Products : cumulus_linux- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Information Disclosure
-
0.0
NACVE-2025-38710
In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate i_depth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in dir_e_read(), causing an undefined shift by 32 at: index = hash >>... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-38728
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces()... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-38690
In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XE_CAHELINE_BYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on t... Read more
Affected Products : linux_kernel- Published: Sep. 04, 2025
- Modified: Sep. 05, 2025
- Vuln Type: Memory Corruption