{"vulnerability": "cve-2025-3808", "sightings": [{"uuid": "6cc3cbc9-7ad8-462b-befe-7b7eca0b8b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38080", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lruvvynxvj2r", "content": "", "creation_timestamp": "2025-06-18T11:31:23.266699Z"}, {"uuid": "1095e22e-583d-4171-b0ac-e13aa0c1505a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38081", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lruwl5qoxc2r", "content": "", "creation_timestamp": "2025-06-18T11:43:12.817092Z"}, {"uuid": "f11eb506-ca22-493d-8928-bc9c09cb12ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3808", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln7iaenrzkr2", "content": "", "creation_timestamp": "2025-04-20T01:20:09.823604Z"}, {"uuid": "d26723cc-0b2e-4e30-b616-eb65ba2e7f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/3", "content": "", "creation_timestamp": "2025-07-02T11:07:30.000000Z"}, {"uuid": "86b98106-28b6-4f59-b319-96bfc8c79002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwom472ww22k", "content": "", "creation_timestamp": "2025-08-18T14:25:56.026353Z"}, {"uuid": "ef452700-2a43-42a7-a6d0-2e1ab2949195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwosfyue622k", "content": "", "creation_timestamp": "2025-08-18T16:18:48.361501Z"}, {"uuid": "2ee70ba7-77eb-4057-b4a9-025cf4c118bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwowhozcxc2k", "content": "", "creation_timestamp": "2025-08-18T17:31:20.178049Z"}, {"uuid": "e93db2e2-3b80-491a-84a7-eec0208e2ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38084", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19807", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38084\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops-&gt;may_split().  This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens.  At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n    - mmap lock (exclusively)\n    - VMA lock\n    - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n   call us with only the mmap lock held (in shared mode), but currently\n   only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[jannh@google.com: v2]\n\ud83d\udccf Published: 2025-06-28T07:44:25.379Z\n\ud83d\udccf Modified: 2025-06-28T07:44:25.379Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/e8847d18cd9fff1edbb45e963d9141273c3b539c\n2. https://git.kernel.org/stable/c/366298f2b04d2bf1f2f2b7078405bdf9df9bd5d0\n3. https://git.kernel.org/stable/c/2511ac64bc1617ca716d3ba8464e481a647c1902\n4. https://git.kernel.org/stable/c/af6cfcd0efb7f051af221c418ec8b37a10211947\n5. https://git.kernel.org/stable/c/9cf5b2a3b72c23fb7b84736d5d19ee6ea718762b\n6. https://git.kernel.org/stable/c/8a21d5584826f4880f45bbf8f72375f4e6c0ff2a\n7. https://git.kernel.org/stable/c/081056dc00a27bccb55ccc3c6f230a3d5fd3f7e0", "creation_timestamp": "2025-06-28T07:51:37.000000Z"}, {"uuid": "7ee4347f-abfc-43fc-ab38-c17dd2e2ed71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38088", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19909", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38088\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap\n\nmemtrace mmap issue has an out of bounds issue. This patch fixes the by\nchecking that the requested mapping region size should stay within the\nallocated region size.\n\ud83d\udccf Published: 2025-06-30T07:29:44.086Z\n\ud83d\udccf Modified: 2025-06-30T07:29:44.086Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/81260c41b518b6f32c701425f1427562fa92f293\n2. https://git.kernel.org/stable/c/620b77b23c41a6546e5548ffe2ea3ad71880dde4\n3. https://git.kernel.org/stable/c/8635e325b85dfb9ddebdfaa6b5605d40d16cd147\n4. https://git.kernel.org/stable/c/9c340b56d60545e4a159e41523dd8b23f81d3261\n5. https://git.kernel.org/stable/c/bbd5a9ddb0f9750783a48a871c9e12c0b68c5f39\n6. https://git.kernel.org/stable/c/cd097df4596f3a1e9d75eb8520162de1eb8485b2", "creation_timestamp": "2025-06-30T07:56:16.000000Z"}, {"uuid": "e4c392f6-6fba-49ea-99fd-f9beb2efc419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "published-proof-of-concept", "source": "Telegram/9DyvUYmKj0qKMHM6yohokQ2fP6lG8umb-pZsulnVoiqOvNU", "content": "", "creation_timestamp": "2025-07-02T19:00:08.000000Z"}, {"uuid": "99ec6de5-9b86-4411-a3de-95e93888a778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38084", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsnxfzsojf25", "content": "", "creation_timestamp": "2025-06-28T10:34:48.177291Z"}, {"uuid": "e3562412-9e41-4ee8-b7c6-febfe4c84dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38085", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsnxoy7ntv2k", "content": "", "creation_timestamp": "2025-06-28T10:39:48.423723Z"}, {"uuid": "8979e3f8-40d9-4024-accb-b23d0dcf4836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38084", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114760569911813656", "content": "", "creation_timestamp": "2025-06-28T10:42:09.652728Z"}, {"uuid": "04b5f150-eb33-40bd-aa0c-179415912ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38082", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lruwujkjsc2q", "content": "", "creation_timestamp": "2025-06-18T11:48:27.133744Z"}, {"uuid": "238c5545-0678-42bd-aa98-602ae222a336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lsyddevklv2a", "content": "", "creation_timestamp": "2025-07-02T13:34:41.312649Z"}, {"uuid": "e260cc68-53a9-4802-921b-52bf049d00f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lvaxjaen5l2l", "content": "", "creation_timestamp": "2025-07-31T10:47:34.146616Z"}, {"uuid": "84a97d89-6924-4d63-b8b6-d3230268b09c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3lvaxjcteof72", "content": "", "creation_timestamp": "2025-07-31T10:47:38.460638Z"}, {"uuid": "759c726a-b0dd-4531-a63a-159333628fd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lw77mrwcki2i", "content": "", "creation_timestamp": "2025-08-12T11:32:35.054179Z"}, {"uuid": "c2747601-5387-4af0-9030-198a51e90586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lw77n2mcwm2l", "content": "", "creation_timestamp": "2025-08-12T11:32:44.134480Z"}, {"uuid": "07915e36-9edf-470c-9558-90f2a78fdf47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3lw77muzmsok2", "content": "", "creation_timestamp": "2025-08-12T11:33:54.818425Z"}, {"uuid": "0e6e9aeb-c346-44d3-a78b-5e0670e12b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwz32rop7225", "content": "", "creation_timestamp": "2025-08-22T18:20:13.404206Z"}, {"uuid": "093d8416-d9a7-4993-83fe-142a6790dc45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lx5xkv2d3k2c", "content": "", "creation_timestamp": "2025-08-24T17:00:56.382268Z"}, {"uuid": "56a8db6e-2cbc-4134-aec7-86daae99e7d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38085", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3mcjhcmjsjc2p", "content": "", "creation_timestamp": "2026-01-16T06:19:01.021918Z"}, {"uuid": "29d47a34-11ff-487f-9d20-d13871dd7b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38080", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "c2804989-4925-4bf8-846f-f03db2bd7268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38085", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "fe6dcd4b-7384-40d9-a48c-4497a394c49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38085", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19806", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38085\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race\n\nhuge_pmd_unshare() drops a reference on a page table that may have\npreviously been shared across processes, potentially turning it into a\nnormal page table used in another process in which unrelated VMAs can\nafterwards be installed.\n\nIf this happens in the middle of a concurrent gup_fast(), gup_fast() could\nend up walking the page tables of another process.  While I don't see any\nway in which that immediately leads to kernel memory corruption, it is\nreally weird and unexpected.\n\nFix it with an explicit broadcast IPI through tlb_remove_table_sync_one(),\njust like we do in khugepaged when removing page tables for a THP\ncollapse.\n\ud83d\udccf Published: 2025-06-28T07:44:26.178Z\n\ud83d\udccf Modified: 2025-06-28T07:44:26.178Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/952596b08c74e8fe9e2883d1dc8a8f54a37384ec\n2. https://git.kernel.org/stable/c/a3d864c901a300c295692d129159fc3001a56185\n3. https://git.kernel.org/stable/c/b7754d3aa7bf9f62218d096c0c8f6c13698fac8b\n4. https://git.kernel.org/stable/c/fe684290418ef9ef76630072086ee530b92f02b8\n5. https://git.kernel.org/stable/c/034a52b5ef57c9c8225d94e9067f3390bb33922f\n6. https://git.kernel.org/stable/c/a6bfeb97941a9187833b526bc6cc4ff5706d0ce9\n7. https://git.kernel.org/stable/c/1013af4f585fccc4d3e5c5824d174de2257f7d6d", "creation_timestamp": "2025-06-28T07:51:36.000000Z"}, {"uuid": "6855f485-f9b4-4ffc-b41b-6edf2ca91596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/42751", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPoC for CVE-2025-38089\nURL\uff1ahttps://github.com/keymaker-arch/NFSundown\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-02T08:43:25.000000Z"}, {"uuid": "0edcfbed-228f-4ef4-baa6-8f1876999308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19908", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38089\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: handle SVC_GARBAGE during svc auth processing as auth error\n\ntianshuo han reported a remotely-triggerable crash if the client sends a\nkernel RPC server a specially crafted packet. If decoding the RPC reply\nfails in such a way that SVC_GARBAGE is returned without setting the\nrq_accept_statp pointer, then that pointer can be dereferenced and a\nvalue stored there.\n\nIf it's the first time the thread has processed an RPC, then that\npointer will be set to NULL and the kernel will crash. In other cases,\nit could create a memory scribble.\n\nThe server sunrpc code treats a SVC_GARBAGE return from svc_authenticate\nor pg_authenticate as if it should send a GARBAGE_ARGS reply. RFC 5531\nsays that if authentication fails that the RPC should be rejected\ninstead with a status of AUTH_ERR.\n\nHandle a SVC_GARBAGE return as an AUTH_ERROR, with a reason of\nAUTH_BADCRED instead of returning GARBAGE_ARGS in that case. This\nsidesteps the whole problem of touching the rpc_accept_statp pointer in\nthis situation and avoids the crash.\n\ud83d\udccf Published: 2025-06-30T07:29:44.836Z\n\ud83d\udccf Modified: 2025-06-30T07:29:44.836Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/599c489eea793821232a2f69a00fa57d82b0ac98\n2. https://git.kernel.org/stable/c/353e75b55e583635bf71cde6abcec274dba05edd\n3. https://git.kernel.org/stable/c/c90459cd58bb421d275337093d8e901e0ba748dd\n4. https://git.kernel.org/stable/c/94d10a4dba0bc482f2b01e39f06d5513d0f75742", "creation_timestamp": "2025-06-30T07:56:15.000000Z"}, {"uuid": "0c38cb03-722b-4ea9-8e67-4a745e94977a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38080", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18701", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38080\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt's possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient.\n\ud83d\udccf Published: 2025-06-18T09:33:53.920Z\n\ud83d\udccf Modified: 2025-06-18T09:33:53.920Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/de67e80ab48f1f23663831007a2fa3c1471a7757\n2. https://git.kernel.org/stable/c/e55c5704b12eeea27e212bfab8f7e51ad3e8ac1f\n3. https://git.kernel.org/stable/c/bf1666072e7482317cf2302621766482a21a62c7\n4. https://git.kernel.org/stable/c/3a7810c212bcf2f722671dadf4b23ff70a7d23ee", "creation_timestamp": "2025-06-18T10:39:59.000000Z"}, {"uuid": "2aafeb66-2dfc-474f-8c4c-975cb427e98e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38081", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18700", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38081\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nspi-rockchip: Fix register out of bounds access\n\nDo not write native chip select stuff for GPIO chip selects.\nGPIOs can be numbered much higher than native CS.\nAlso, it makes no sense.\n\ud83d\udccf Published: 2025-06-18T09:33:54.564Z\n\ud83d\udccf Modified: 2025-06-18T09:33:54.564Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4a120221661fcecb253448d7b041a52d47f1d91f\n2. https://git.kernel.org/stable/c/ace57bd1fb49d193edec5f6a1f255f48dd5fca90\n3. https://git.kernel.org/stable/c/254e04ec799c1ff8c1e2bd08a57c6a849895d6ff\n4. https://git.kernel.org/stable/c/7a874e8b54ea21094f7fd2d428b164394c6cb316", "creation_timestamp": "2025-06-18T10:39:58.000000Z"}, {"uuid": "88bab487-f617-4dff-bd54-0db55b7fe97a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38082", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18699", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38082\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: virtuser: fix potential out-of-bound write\n\nIf the caller wrote more characters, count is truncated to the max\navailable space in \"simple_write_to_buffer\". Check that the input\nsize does not exceed the buffer size. Write a zero termination\nafterwards.\n\ud83d\udccf Published: 2025-06-18T09:35:41.902Z\n\ud83d\udccf Modified: 2025-06-18T09:35:41.902Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/afe090366f470f77e140ff3407db813f57852c04\n2. https://git.kernel.org/stable/c/b96feaaa0fda1e3871b438143c3446954b32d3a7\n3. https://git.kernel.org/stable/c/7118be7c6072f40391923543fdd1563b8d56377c", "creation_timestamp": "2025-06-18T10:39:57.000000Z"}, {"uuid": "b4c74045-5f1b-45ad-98ad-a5c7bf726317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18933", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38083\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0                                 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n |                                    [5]: lock root\n |                                    [6]: rehash\n |                                    [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent's qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.\n\ud83d\udccf Published: 2025-06-20T11:21:51.554Z\n\ud83d\udccf Modified: 2025-06-20T11:21:51.554Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/46c15c9d0f65c9ba857d63f53264f4b17e8a715f\n2. https://git.kernel.org/stable/c/e3f6745006dc9423d2b065b90f191cfa11b1b584\n3. https://git.kernel.org/stable/c/93f9eeb678d4c9c1abf720b3615fa8299a490845\n4. https://git.kernel.org/stable/c/d35acc1be3480505b5931f17e4ea9b7617fea4d3", "creation_timestamp": "2025-06-20T11:46:54.000000Z"}, {"uuid": "2cc9aacc-743c-4992-999a-88182de9285d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3808", "type": "seen", "source": "https://t.me/cvedetector/23389", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3808 - Zhenfeng13 My-BBS Cross-Site Request Forgery Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3808 \nPublished : April 19, 2025, 6:15 p.m. | 45\u00a0minutes ago \nDescription : A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-19T21:50:02.000000Z"}, {"uuid": "8050596e-ea6e-4dbb-b264-c7e0a37e15f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38086", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsnyjtiycz2i", "content": "", "creation_timestamp": "2025-06-28T10:54:49.816482Z"}, {"uuid": "74beb390-344e-4fb0-8944-2a4b6a7cf924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38085", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114760624503959489", "content": "", "creation_timestamp": "2025-06-28T10:56:02.434009Z"}, {"uuid": "129e7102-360b-4c5c-8312-c6f2572bee47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38082", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lrwbmp62fk2d", "content": "", "creation_timestamp": "2025-06-19T00:33:38.333780Z"}, {"uuid": "9095df25-4f00-4f2b-9ce9-3e63b7465a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38087", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114771831552626842", "content": "", "creation_timestamp": "2025-06-30T10:26:08.393142Z"}, {"uuid": "d7cbcbf3-bd69-47fa-b082-bda035f77ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38088", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsszeue2dl2o", "content": "", "creation_timestamp": "2025-06-30T10:53:14.940845Z"}, {"uuid": "43ebedac-abd5-45b2-ab3a-fc3c62481efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38087", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lst27pnloo2p", "content": "", "creation_timestamp": "2025-06-30T11:08:16.233708Z"}, {"uuid": "42218ffb-4dcb-41be-90ac-577a5b87ac0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lst2io2txr2r", "content": "", "creation_timestamp": "2025-06-30T11:13:16.295608Z"}, {"uuid": "b8c5d248-7401-4355-af1e-a6b7a078cb26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lv73zcnzx327", "content": "", "creation_timestamp": "2025-07-30T17:02:49.047672Z"}, {"uuid": "208ffc3d-c92b-4ff7-8eda-3bfb6cd7ed42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3lv73zh5w4x52", "content": "", "creation_timestamp": "2025-07-30T17:03:19.145088Z"}, {"uuid": "d3958603-091b-49b2-bd39-aab7fb15e4e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38083", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvdxbpv56k2f", "content": "", "creation_timestamp": "2025-08-01T15:21:23.514087Z"}, {"uuid": "59325d00-c5b2-49a8-849e-d3c917166a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38087", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lyifmxl65c2p", "content": "", "creation_timestamp": "2025-09-10T14:04:27.505323Z"}, {"uuid": "273c5df5-922a-4f19-9e75-79371608372b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38084", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "96b55459-cfe3-453c-90ac-d1c6dd48cfb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38085", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "11368a9e-5788-4f2f-85fd-381dd0899d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38086", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "977b6046-a371-44bf-8eb5-860254a33095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38080", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a41cdef5-8a3b-4656-bc59-20383c9817d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38081", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "45a42e7b-52f3-4988-8b5f-1cf8802db3a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38082", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "f4efe107-c264-4a0b-9fbf-6cbab2ad16a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38084", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "e1591417-76bd-4a5f-8944-9f70029fad83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3808", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12589", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3808\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected.\n\ud83d\udccf Published: 2025-04-19T17:31:04.680Z\n\ud83d\udccf Modified: 2025-04-19T17:31:04.680Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.305662\n2. https://vuldb.com/?ctiid.305662\n3. https://vuldb.com/?submit.555259\n4. https://github.com/caigo8/CVE-md/blob/main/My-bbs/CSRF.md", "creation_timestamp": "2025-04-19T18:02:39.000000Z"}, {"uuid": "b59bc96c-6de3-4006-a050-fd4000ee6b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38087", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19910", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38087\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix use-after-free in taprio_dev_notifier\n\nSince taprio\u2019s taprio_dev_notifier() isn\u2019t protected by an\nRCU read-side critical section, a race with advance_sched()\ncan lead to a use-after-free.\n\nAdding rcu_read_lock() inside taprio_dev_notifier() prevents this.\n\ud83d\udccf Published: 2025-06-30T07:29:43.325Z\n\ud83d\udccf Modified: 2025-06-30T07:29:43.325Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/8c5713ce1ced75f9e9ed5c642ea3d2ba06ead69c\n2. https://git.kernel.org/stable/c/8a008c89e5e5c5332e4c0a33d707db9ddd529f8a\n3. https://git.kernel.org/stable/c/b1547d28ba468bc3b88764efd13e4319bab63be8\n4. https://git.kernel.org/stable/c/b160766e26d4e2e2d6fe2294e0b02f92baefcec5", "creation_timestamp": "2025-06-30T07:56:17.000000Z"}, {"uuid": "2b4ef8d6-9d32-44f5-a494-ddff77a8c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38089", "type": "published-proof-of-concept", "source": "Telegram/7fgJPbYm76Noyc5NVfwJ4imA4GEc6x2X4VIWCPGaO6mzOX0", "content": "", "creation_timestamp": "2025-07-02T15:00:06.000000Z"}]}