https://db.gcve.eu/sightings/feed 2026-05-20T09:16:03.087375+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/92345574-1038-4a07-a9a0-7d62b3df0ead/export 2026-05-20T09:16:03.245133+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "92345574-1038-4a07-a9a0-7d62b3df0ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21982", "type": "seen", "source": "https://t.me/cvedetector/21783", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21982 - \"NuvoTon Npcm8xx Linux Kernel Null Pointer Dereference\"\", \n \"Content\": \"CVE ID : CVE-2025-21982 \nPublished : April 1, 2025, 4:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \npinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw \n \ndevm_kasprintf() calls can return null pointers on failure. \nBut the return values were not checked in npcm8xx_gpio_fw(). \nAdd NULL check in npcm8xx_gpio_fw(), to handle kernel NULL \npointer dereference error. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T19:44:26.000000Z"} 2025-04-01T19:44:26+00:00 https://db.gcve.eu/sighting/a00f5bd6-d902-4ab0-9947-9bfcea9bbca3/export 2026-05-20T09:16:03.245061+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "a00f5bd6-d902-4ab0-9947-9bfcea9bbca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21984", "type": "seen", "source": "https://t.me/cvedetector/21785", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21984 - Linux Kernel mm Swapcache Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-21984 \nPublished : April 1, 2025, 4:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmm: fix kernel BUG when userfaultfd_move encounters swapcache \n \nuserfaultfd_move() checks whether the PTE entry is present or a \nswap entry. \n \n- If the PTE entry is present, move_present_pte() handles folio \n migration by setting: \n \n src_folio->index = linear_page_index(dst_vma, dst_addr); \n \n- If the PTE entry is a swap entry, move_swap_pte() simply copies \n the PTE to the new dst_addr. \n \nThis approach is incorrect because, even if the PTE is a swap entry, \nit can still reference a folio that remains in the swap cache. \n \nThis creates a race window between steps 2 and 4. \n 1. add_to_swap: The folio is added to the swapcache. \n 2. try_to_unmap: PTEs are converted to swap entries. \n 3. pageout: The folio is written back. \n 4. Swapcache is cleared. \nIf userfaultfd_move() occurs in the window between steps 2 and 4, \nafter the swap PTE has been moved to the destination, accessing the \ndestination triggers do_swap_page(), which may locate the folio in \nthe swapcache. However, since the folio's index has not been updated \nto match the destination VMA, do_swap_page() will detect a mismatch. \n \nThis can result in two critical issues depending on the system \nconfiguration. \n \nIf KSM is disabled, both small and large folios can trigger a BUG \nduring the add_rmap operation due to: \n \n page_pgoff(folio, page) != linear_page_index(vma, address) \n \n[ 13.336953] page: refcount:6 mapcount:1 mapping:00000000f43db19c index:0xffffaf150 pfn:0x4667c \n[ 13.337520] head: order:2 mapcount:1 entire_mapcount:0 nr_pages_mapped:1 pincount:0 \n[ 13.337716] memcg:ffff00000405f000 \n[ 13.337849] anon flags: 0x3fffc0000020459(locked|uptodate|dirty|owner_priv_1|head|swapbacked|node=0|zone=0|lastcpupid=0xffff) \n[ 13.338630] raw: 03fffc0000020459 ffff80008507b538 ffff80008507b538 ffff000006260361 \n[ 13.338831] raw: 0000000ffffaf150 0000000000004000 0000000600000000 ffff00000405f000 \n[ 13.339031] head: 03fffc0000020459 ffff80008507b538 ffff80008507b538 ffff000006260361 \n[ 13.339204] head: 0000000ffffaf150 0000000000004000 0000000600000000 ffff00000405f000 \n[ 13.339375] head: 03fffc0000000202 fffffdffc0199f01 ffffffff00000000 0000000000000001 \n[ 13.339546] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 \n[ 13.339736] page dumped because: VM_BUG_ON_PAGE(page_pgoff(folio, page) != linear_page_index(vma, address)) \n[ 13.340190] ------------[ cut here ]------------ \n[ 13.340316] kernel BUG at mm/rmap.c:1380! \n[ 13.340683] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP \n[ 13.340969] Modules linked in: \n[ 13.341257] CPU: 1 UID: 0 PID: 107 Comm: a.out Not tainted 6.14.0-rc3-gcf42737e247a-dirty #299 \n[ 13.341470] Hardware name: linux,dummy-virt (DT) \n[ 13.341671] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) \n[ 13.341815] pc : __page_check_anon_rmap+0xa0/0xb0 \n[ 13.341920] lr : __page_check_anon_rmap+0xa0/0xb0 \n[ 13.342018] sp : ffff80008752bb20 \n[ 13.342093] x29: ffff80008752bb20 x28: fffffdffc0199f00 x27: 0000000000000001 \n[ 13.342404] x26: 0000000000000000 x25: 0000000000000001 x24: 0000000000000001 \n[ 13.342575] x23: 0000ffffaf0d0000 x22: 0000ffffaf0d0000 x21: fffffdffc0199f00 \n[ 13.342731] x20: fffffdffc0199f00 x19: ffff000006210700 x18: 00000000ffffffff \n[ 13.342881] x17: 6c203d2120296567 x16: 6170202c6f696c6f x15: 662866666f67705f \n[ 13.343033] x14: 6567617028454741 x13: 2929737365726464 x12: ffff800083728ab0 \n[ 13.343183] x11: ffff800082996bf8 x10: 0000000000000fd7 x9 : ffff80008011bc40 \n[ 13.343351] x8 : 0000000000017fe8 x7 : 00000000fffff000 x6 : ffff8000829eebf8 \n[ 13.343498] x5 : c0000000fffff000 x4 : 0000000000000000 x3 : 0000000000000000 [...]", "creation_timestamp": "2025-04-01T19:44:30.000000Z"} 2025-04-01T19:44:30+00:00 https://db.gcve.eu/sighting/779d6fb0-8d2a-49ae-9a99-8b95c1c59e0e/export 2026-05-20T09:16:03.245006+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "779d6fb0-8d2a-49ae-9a99-8b95c1c59e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21985", "type": "seen", "source": "https://t.me/cvedetector/21787", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21985 - AMD Display Out-of-Bounds Array Index Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-21985 \nPublished : April 1, 2025, 4:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amd/display: Fix out-of-bound accesses \n \n[WHAT & HOW] \nhpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4), \nbut location can have size up to 6. As a result, it is necessary to \ncheck location against MAX_HPO_DP2_ENCODERS. \n \nSimiliarly, disp_cfg_stream_location can be used as an array index which \nshould be 0..5, so the ASSERT's conditions should be less without equal. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T19:44:32.000000Z"} 2025-04-01T19:44:32+00:00 https://db.gcve.eu/sighting/5c0ff74b-8874-445b-bc7a-b1242a361e1d/export 2026-05-20T09:16:03.244951+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5c0ff74b-8874-445b-bc7a-b1242a361e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21987", "type": "seen", "source": "https://t.me/cvedetector/21866", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21987 - AMDGPU Uninitialized Value Return Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-21987 \nPublished : April 2, 2025, 1:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amdgpu: init return value in amdgpu_ttm_clear_buffer \n \nOtherwise an uninitialized value can be returned if \namdgpu_res_cleared returns true for all regions. \n \nPossibly closes: \n \n(cherry picked from commit 7c62aacc3b452f73a1284198c81551035fac6d71) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T16:39:24.000000Z"} 2025-04-02T16:39:24+00:00 https://db.gcve.eu/sighting/d23e8a0d-c4d8-4947-b291-78943b51fb3d/export 2026-05-20T09:16:03.244894+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d23e8a0d-c4d8-4947-b291-78943b51fb3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21988", "type": "seen", "source": "https://t.me/cvedetector/21867", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21988 - Linux Kernel Netfs Read Collect Data Corruption Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-21988 \nPublished : April 2, 2025, 1:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nfs/netfs/read_collect: add to next->prev_donated \n \nIf multiple subrequests donate data to the same \"next\" request \n(depending on the subrequest completion order), each of them would \noverwrite the `prev_donated` field, causing data corruption and a \nBUG() crash (\"Can't donate prior to front\"). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T16:39:25.000000Z"} 2025-04-02T16:39:25+00:00 https://db.gcve.eu/sighting/58c6ab81-1b7a-4981-a0f4-61ecfdb93674/export 2026-05-20T09:16:03.244834+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "58c6ab81-1b7a-4981-a0f4-61ecfdb93674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21989", "type": "seen", "source": "https://t.me/cvedetector/21868", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-21989 - AMDGPU NULL Pointer Dereference\", \n \"Content\": \"CVE ID : CVE-2025-21989 \nPublished : April 2, 2025, 1:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amd/display: fix missing .is_two_pixels_per_container \n \nStarting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, \ndue to lack of .is_two_pixels_per_container function in dce60_tg_funcs, \ncauses a NULL pointer dereference on PCs with old GPUs, such as R9 280X. \n \nSo this fix adds missing .is_two_pixels_per_container to dce60_tg_funcs. \n \n(cherry picked from commit bd4b125eb949785c6f8a53b0494e32795421209d) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T16:39:26.000000Z"} 2025-04-02T16:39:26+00:00 https://db.gcve.eu/sighting/8ea2f7a7-1635-4f95-8bb8-619a196017d0/export 2026-05-20T09:16:03.244754+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "8ea2f7a7-1635-4f95-8bb8-619a196017d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21986", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14811", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21986\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: switchdev: Convert blocking notification chain to a raw one\n\nA blocking notification chain uses a read-write semaphore to protect the\nintegrity of the chain. The semaphore is acquired for writing when\nadding / removing notifiers to / from the chain and acquired for reading\nwhen traversing the chain and informing notifiers about an event.\n\nIn case of the blocking switchdev notification chain, recursive\nnotifications are possible which leads to the semaphore being acquired\ntwice for reading and to lockdep warnings being generated [1].\n\nSpecifically, this can happen when the bridge driver processes a\nSWITCHDEV_BRPORT_UNOFFLOADED event which causes it to emit notifications\nabout deferred events when calling switchdev_deferred_process().\n\nFix this by converting the notification chain to a raw notification\nchain in a similar fashion to the netdev notification chain. Protect\nthe chain using the RTNL mutex by acquiring it when modifying the chain.\nEvents are always informed under the RTNL mutex, but add an assertion in\ncall_switchdev_blocking_notifiers() to make sure this is not violated in\nthe future.\n\nMaintain the \"blocking\" prefix as events are always emitted from process\ncontext and listeners are allowed to block.\n\n[1]:\nWARNING: possible recursive locking detected\n6.14.0-rc4-custom-g079270089484 #1 Not tainted\n--------------------------------------------\nip/52731 is trying to acquire lock:\nffffffff850918d8 ((switchdev_blocking_notif_chain).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain+0x58/0xa0\n\nbut task is already holding lock:\nffffffff850918d8 ((switchdev_blocking_notif_chain).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain+0x58/0xa0\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\nCPU0\n----\nlock((switchdev_blocking_notif_chain).rwsem);\nlock((switchdev_blocking_notif_chain).rwsem);\n\n*** DEADLOCK ***\nMay be due to missing lock nesting notation\n3 locks held by ip/52731:\n #0: ffffffff84f795b0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x727/0x1dc0\n #1: ffffffff8731f628 (&net->rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x790/0x1dc0\n #2: ffffffff850918d8 ((switchdev_blocking_notif_chain).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain+0x58/0xa0\n\nstack backtrace:\n...\n? __pfx_down_read+0x10/0x10\n? __pfx_mark_lock+0x10/0x10\n? __pfx_switchdev_port_attr_set_deferred+0x10/0x10\nblocking_notifier_call_chain+0x58/0xa0\nswitchdev_port_attr_notify.constprop.0+0xb3/0x1b0\n? __pfx_switchdev_port_attr_notify.constprop.0+0x10/0x10\n? mark_held_locks+0x94/0xe0\n? switchdev_deferred_process+0x11a/0x340\nswitchdev_port_attr_set_deferred+0x27/0xd0\nswitchdev_deferred_process+0x164/0x340\nbr_switchdev_port_unoffload+0xc8/0x100 [bridge]\nbr_switchdev_blocking_event+0x29f/0x580 [bridge]\nnotifier_call_chain+0xa2/0x440\nblocking_notifier_call_chain+0x6e/0xa0\nswitchdev_bridge_port_unoffload+0xde/0x1a0\n...\n\ud83d\udccf Published: 2025-04-01T15:47:12.636Z\n\ud83d\udccf Modified: 2025-05-04T13:06:50.853Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/af757f5ee3f754c5dceefb05c12ff37cb46fc682\n2. https://git.kernel.org/stable/c/1f7d051814e7a0cb1f0717ed5527c1059992129d\n3. https://git.kernel.org/stable/c/a597d4b75669ec82c72cbee9fe75a15d04b35b2b\n4. https://git.kernel.org/stable/c/f9ed3fb50b872bd78bcb01f25087f9e4e25085d8\n5. https://git.kernel.org/stable/c/62531a1effa87bdab12d5104015af72e60d926ff", "creation_timestamp": "2025-05-04T13:18:56.000000Z"} 2025-05-04T13:18:56+00:00 https://db.gcve.eu/sighting/c63dad18-8936-4723-87cd-d3e543dc768c/export 2026-05-20T09:16:03.244701+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "c63dad18-8936-4723-87cd-d3e543dc768c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21985", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} 2025-12-03T14:14:49.267740+00:00 https://db.gcve.eu/sighting/c3333aed-2c6a-4301-8389-6bd38d838dc3/export 2026-05-20T09:16:03.244629+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "c3333aed-2c6a-4301-8389-6bd38d838dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21986", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} 2026-03-19T00:00:00+00:00 https://db.gcve.eu/sighting/8ba2b583-e6b2-4606-a4f2-16115d0a1156/export 2026-05-20T09:16:03.242816+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "8ba2b583-e6b2-4606-a4f2-16115d0a1156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21985", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} 2026-03-19T00:00:00+00:00