Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0743
Vulnerability from certfr_avis - Published: 2025-08-29 - Updated: 2025-08-29
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"initial_release_date": "2025-08-29T00:00:00",
"last_revision_date": "2025-08-29T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0743",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-08-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7711-1",
"url": "https://ubuntu.com/security/notices/USN-7711-1"
},
{
"published_at": "2025-08-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7719-1",
"url": "https://ubuntu.com/security/notices/USN-7719-1"
},
{
"published_at": "2025-08-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7712-1",
"url": "https://ubuntu.com/security/notices/USN-7712-1"
}
]
}
CVE-2025-37909 (GCVE-0-2025-37909)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
net: lan743x: Fix memleak issue when GSO enabled
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: lan743x: Fix memleak issue when GSO enabled
Always map the `skb` to the LS descriptor. Previously skb was
mapped to EXT descriptor when the number of fragments is zero with
GSO enabled. Mapping the skb to EXT descriptor prevents it from
being freed, leading to a memory leak
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
23f0703c125be490f70501b6b24ed5645775c56a , < 093855ce90177488eac772de4eefbb909033ce5f
(git)
Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < 6c65ee5ad632eb8dcd3a91cf5dc99b22535f44d9 (git) Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < df993daa4c968b4b23078eacc248f6502ede8664 (git) Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < a0e0efbabbbe6a1859bc31bf65237ce91e124b9b (git) Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < dae1ce27ceaea7e1522025b15252e3cc52802622 (git) Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < 189b05f189cac9fd233ef04d31cb5078c4d09c39 (git) Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < f42c18e2f14c1b1fdd2a5250069a84bc854c398c (git) Affected: 23f0703c125be490f70501b6b24ed5645775c56a , < 2d52e2e38b85c8b7bc00dca55c2499f46f8c8198 (git) |
|
| Linux | Linux |
Affected:
4.17
Unaffected: 0 , < 4.17 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:10.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/microchip/lan743x_main.c",
"drivers/net/ethernet/microchip/lan743x_main.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "093855ce90177488eac772de4eefbb909033ce5f",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "6c65ee5ad632eb8dcd3a91cf5dc99b22535f44d9",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "df993daa4c968b4b23078eacc248f6502ede8664",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "a0e0efbabbbe6a1859bc31bf65237ce91e124b9b",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "dae1ce27ceaea7e1522025b15252e3cc52802622",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "189b05f189cac9fd233ef04d31cb5078c4d09c39",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "f42c18e2f14c1b1fdd2a5250069a84bc854c398c",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
},
{
"lessThan": "2d52e2e38b85c8b7bc00dca55c2499f46f8c8198",
"status": "affected",
"version": "23f0703c125be490f70501b6b24ed5645775c56a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/microchip/lan743x_main.c",
"drivers/net/ethernet/microchip/lan743x_main.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.17"
},
{
"lessThan": "4.17",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "4.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:27.234Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/093855ce90177488eac772de4eefbb909033ce5f"
},
{
"url": "https://git.kernel.org/stable/c/6c65ee5ad632eb8dcd3a91cf5dc99b22535f44d9"
},
{
"url": "https://git.kernel.org/stable/c/df993daa4c968b4b23078eacc248f6502ede8664"
},
{
"url": "https://git.kernel.org/stable/c/a0e0efbabbbe6a1859bc31bf65237ce91e124b9b"
},
{
"url": "https://git.kernel.org/stable/c/dae1ce27ceaea7e1522025b15252e3cc52802622"
},
{
"url": "https://git.kernel.org/stable/c/189b05f189cac9fd233ef04d31cb5078c4d09c39"
},
{
"url": "https://git.kernel.org/stable/c/f42c18e2f14c1b1fdd2a5250069a84bc854c398c"
},
{
"url": "https://git.kernel.org/stable/c/2d52e2e38b85c8b7bc00dca55c2499f46f8c8198"
}
],
"title": "net: lan743x: Fix memleak issue when GSO enabled",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37909",
"datePublished": "2025-05-20T15:21:41.804Z",
"dateReserved": "2025-04-16T04:51:23.967Z",
"dateUpdated": "2026-05-11T21:17:27.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37911 (GCVE-0-2025-37911)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-23 15:58
VLAI
EPSS
Title
bnxt_en: Fix out-of-bound memcpy() during ethtool -w
Summary
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix out-of-bound memcpy() during ethtool -w
When retrieving the FW coredump using ethtool, it can sometimes cause
memory corruption:
BUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]
Corrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):
__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]
ethtool_get_dump_data+0xdc/0x1a0
__dev_ethtool+0xa1e/0x1af0
dev_ethtool+0xa8/0x170
dev_ioctl+0x1b5/0x580
sock_do_ioctl+0xab/0xf0
sock_ioctl+0x1ce/0x2e0
__x64_sys_ioctl+0x87/0xc0
do_syscall_64+0x5c/0xf0
entry_SYSCALL_64_after_hwframe+0x78/0x80
...
This happens when copying the coredump segment list in
bnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.
The info->dest_buf buffer is allocated based on the number of coredump
segments returned by the FW. The segment list is then DMA'ed by
the FW and the length of the DMA is returned by FW. The driver then
copies this DMA'ed segment list to info->dest_buf.
In some cases, this DMA length may exceed the info->dest_buf length
and cause the above BUG condition. Fix it by capping the copy
length to not exceed the length of info->dest_buf. The extra
DMA data contains no useful information.
This code path is shared for the HWRM_DBG_COREDUMP_LIST and the
HWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different
for these 2 FW commands. To simplify the logic, we need to move
the line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE
up, so that the new check to cap the copy length will work for both
commands.
Severity
No CVSS data available.
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
c74751f4c39232c31214ec6a3bc1c7e62f5c728b , < 69b10dd23ab826d0c7f2d9ab311842251978d0c1
(git)
Affected: c74751f4c39232c31214ec6a3bc1c7e62f5c728b , < 43292b83424158fa6ec458799f3cb9c54d18c484 (git) Affected: c74751f4c39232c31214ec6a3bc1c7e62f5c728b , < 4d69864915a3a052538e4ba76cd6fd77cfc64ebe (git) Affected: c74751f4c39232c31214ec6a3bc1c7e62f5c728b , < 44807af79efd0d78fa36383dd865ddfe7992c0a6 (git) Affected: c74751f4c39232c31214ec6a3bc1c7e62f5c728b , < 44d81a9ebf0cad92512e0ffdf7412bfe20db66ec (git) Affected: c74751f4c39232c31214ec6a3bc1c7e62f5c728b , < 6b87bd94f34370bbf1dfa59352bed8efab5bf419 (git) Affected: 4bf973a1f84aefb64750bdb3afe72d54de3199d7 (git) Affected: a76837dd731b68cc3b5690470bc9efa2a8e3801a (git) Affected: 4.19.95 , < 4.20 (semver) Affected: 5.4.8 , < 5.5 (semver) |
|
| Linux | Linux |
Affected:
5.5
Unaffected: 0 , < 5.5 (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:12.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/broadcom/bnxt/bnxt_coredump.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "69b10dd23ab826d0c7f2d9ab311842251978d0c1",
"status": "affected",
"version": "c74751f4c39232c31214ec6a3bc1c7e62f5c728b",
"versionType": "git"
},
{
"lessThan": "43292b83424158fa6ec458799f3cb9c54d18c484",
"status": "affected",
"version": "c74751f4c39232c31214ec6a3bc1c7e62f5c728b",
"versionType": "git"
},
{
"lessThan": "4d69864915a3a052538e4ba76cd6fd77cfc64ebe",
"status": "affected",
"version": "c74751f4c39232c31214ec6a3bc1c7e62f5c728b",
"versionType": "git"
},
{
"lessThan": "44807af79efd0d78fa36383dd865ddfe7992c0a6",
"status": "affected",
"version": "c74751f4c39232c31214ec6a3bc1c7e62f5c728b",
"versionType": "git"
},
{
"lessThan": "44d81a9ebf0cad92512e0ffdf7412bfe20db66ec",
"status": "affected",
"version": "c74751f4c39232c31214ec6a3bc1c7e62f5c728b",
"versionType": "git"
},
{
"lessThan": "6b87bd94f34370bbf1dfa59352bed8efab5bf419",
"status": "affected",
"version": "c74751f4c39232c31214ec6a3bc1c7e62f5c728b",
"versionType": "git"
},
{
"status": "affected",
"version": "4bf973a1f84aefb64750bdb3afe72d54de3199d7",
"versionType": "git"
},
{
"status": "affected",
"version": "a76837dd731b68cc3b5690470bc9efa2a8e3801a",
"versionType": "git"
},
{
"lessThan": "4.20",
"status": "affected",
"version": "4.19.95",
"versionType": "semver"
},
{
"lessThan": "5.5",
"status": "affected",
"version": "5.4.8",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/broadcom/bnxt/bnxt_coredump.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:58:33.547Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/69b10dd23ab826d0c7f2d9ab311842251978d0c1"
},
{
"url": "https://git.kernel.org/stable/c/43292b83424158fa6ec458799f3cb9c54d18c484"
},
{
"url": "https://git.kernel.org/stable/c/4d69864915a3a052538e4ba76cd6fd77cfc64ebe"
},
{
"url": "https://git.kernel.org/stable/c/44807af79efd0d78fa36383dd865ddfe7992c0a6"
},
{
"url": "https://git.kernel.org/stable/c/44d81a9ebf0cad92512e0ffdf7412bfe20db66ec"
},
{
"url": "https://git.kernel.org/stable/c/6b87bd94f34370bbf1dfa59352bed8efab5bf419"
}
],
"title": "bnxt_en: Fix out-of-bound memcpy() during ethtool -w",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37911",
"datePublished": "2025-05-20T15:21:43.278Z",
"dateReserved": "2025-04-16T04:51:23.967Z",
"dateUpdated": "2026-05-23T15:58:33.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37912 (GCVE-0-2025-37912)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-23 15:58
VLAI
EPSS
Title
ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()
Summary
In the Linux kernel, the following vulnerability has been resolved:
ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()
As mentioned in the commit baeb705fd6a7 ("ice: always check VF VSI
pointer values"), we need to perform a null pointer check on the return
value of ice_get_vf_vsi() before using it.
Severity
No CVSS data available.
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
e81b674ead8e2172b2a69e7b45e079239ace4dbc , < a32dcc3b8293600ddc4024731b4d027d4de061a4
(git)
Affected: 8e02cd98a6e24389d476e28436d41e620ed8e559 , < 0561f2e374c3732b90e50f0a244791a4308ec67e (git) Affected: d62389073a5b937413e2d1bc1da06ccff5103c0c , < eae60cfe25d022d7f0321dba4cc23ad8e87ade48 (git) Affected: 6ebbe97a488179f5dc85f2f1e0c89b486e99ee97 , < 073791e9cfe6e4a11a6d85816ba87b1aa207493e (git) Affected: 6ebbe97a488179f5dc85f2f1e0c89b486e99ee97 , < f68237982dc012230550f4ecf7ce286a9c37ddc9 (git) Affected: 6ebbe97a488179f5dc85f2f1e0c89b486e99ee97 , < 425c5f266b2edeee0ce16fedd8466410cdcfcfe3 (git) Affected: 292081c4e7f575a79017d5cbe1a0ec042783976f (git) Affected: 5.15.172 , < 5.15.182 (semver) Affected: 6.1.103 , < 6.1.138 (semver) Affected: 6.6.44 , < 6.6.90 (semver) Affected: 6.10.3 , < 6.11 (semver) |
|
| Linux | Linux |
Affected:
6.11
Unaffected: 0 , < 6.11 (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:13.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a32dcc3b8293600ddc4024731b4d027d4de061a4",
"status": "affected",
"version": "e81b674ead8e2172b2a69e7b45e079239ace4dbc",
"versionType": "git"
},
{
"lessThan": "0561f2e374c3732b90e50f0a244791a4308ec67e",
"status": "affected",
"version": "8e02cd98a6e24389d476e28436d41e620ed8e559",
"versionType": "git"
},
{
"lessThan": "eae60cfe25d022d7f0321dba4cc23ad8e87ade48",
"status": "affected",
"version": "d62389073a5b937413e2d1bc1da06ccff5103c0c",
"versionType": "git"
},
{
"lessThan": "073791e9cfe6e4a11a6d85816ba87b1aa207493e",
"status": "affected",
"version": "6ebbe97a488179f5dc85f2f1e0c89b486e99ee97",
"versionType": "git"
},
{
"lessThan": "f68237982dc012230550f4ecf7ce286a9c37ddc9",
"status": "affected",
"version": "6ebbe97a488179f5dc85f2f1e0c89b486e99ee97",
"versionType": "git"
},
{
"lessThan": "425c5f266b2edeee0ce16fedd8466410cdcfcfe3",
"status": "affected",
"version": "6ebbe97a488179f5dc85f2f1e0c89b486e99ee97",
"versionType": "git"
},
{
"status": "affected",
"version": "292081c4e7f575a79017d5cbe1a0ec042783976f",
"versionType": "git"
},
{
"lessThan": "5.15.182",
"status": "affected",
"version": "5.15.172",
"versionType": "semver"
},
{
"lessThan": "6.1.138",
"status": "affected",
"version": "6.1.103",
"versionType": "semver"
},
{
"lessThan": "6.6.90",
"status": "affected",
"version": "6.6.44",
"versionType": "semver"
},
{
"lessThan": "6.11",
"status": "affected",
"version": "6.10.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/ice/ice_virtchnl_fdir.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.11"
},
{
"lessThan": "6.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.15.172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "6.1.103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "6.6.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "6.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:58:34.525Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a32dcc3b8293600ddc4024731b4d027d4de061a4"
},
{
"url": "https://git.kernel.org/stable/c/0561f2e374c3732b90e50f0a244791a4308ec67e"
},
{
"url": "https://git.kernel.org/stable/c/eae60cfe25d022d7f0321dba4cc23ad8e87ade48"
},
{
"url": "https://git.kernel.org/stable/c/073791e9cfe6e4a11a6d85816ba87b1aa207493e"
},
{
"url": "https://git.kernel.org/stable/c/f68237982dc012230550f4ecf7ce286a9c37ddc9"
},
{
"url": "https://git.kernel.org/stable/c/425c5f266b2edeee0ce16fedd8466410cdcfcfe3"
}
],
"title": "ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37912",
"datePublished": "2025-05-20T15:21:44.062Z",
"dateReserved": "2025-04-16T04:51:23.967Z",
"dateUpdated": "2026-05-23T15:58:34.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37913 (GCVE-0-2025-37913)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
net_sched: qfq: Fix double list add in class with netem as child qdisc
Summary
In the Linux kernel, the following vulnerability has been resolved:
net_sched: qfq: Fix double list add in class with netem as child qdisc
As described in Gerrard's report [1], there are use cases where a netem
child qdisc will make the parent qdisc's enqueue callback reentrant.
In the case of qfq, there won't be a UAF, but the code will add the same
classifier to the list twice, which will cause memory corruption.
This patch checks whether the class was already added to the agg->active
list (cl_is_active) before doing the addition to cater for the reentrant
case.
[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 041f410aec2c1751ee22b8b73ba05d38c3a6a602
(git)
Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 005a479540478a820c52de098e5e767e63e36f0a (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 0bf32d6fb1fcbf841bb9945570e0e2a70072c00f (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 0aa23e0856b7cedb3c88d8e3d281c212c7e4fbeb (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < a43783119e01849fbf2fe8855634e8989b240cb4 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 53bc0b55178bd59bdd4bcd16349505cabf54b1a2 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 370218e8ce711684acc4cdd3cc3c6dd7956bc165 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4 (git) |
|
| Linux | Linux |
Affected:
5.0
Unaffected: 0 , < 5.0 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:15.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_qfq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "041f410aec2c1751ee22b8b73ba05d38c3a6a602",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "005a479540478a820c52de098e5e767e63e36f0a",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "0bf32d6fb1fcbf841bb9945570e0e2a70072c00f",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "0aa23e0856b7cedb3c88d8e3d281c212c7e4fbeb",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "a43783119e01849fbf2fe8855634e8989b240cb4",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "53bc0b55178bd59bdd4bcd16349505cabf54b1a2",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "370218e8ce711684acc4cdd3cc3c6dd7956bc165",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_qfq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"lessThan": "5.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:31.826Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/041f410aec2c1751ee22b8b73ba05d38c3a6a602"
},
{
"url": "https://git.kernel.org/stable/c/005a479540478a820c52de098e5e767e63e36f0a"
},
{
"url": "https://git.kernel.org/stable/c/0bf32d6fb1fcbf841bb9945570e0e2a70072c00f"
},
{
"url": "https://git.kernel.org/stable/c/0aa23e0856b7cedb3c88d8e3d281c212c7e4fbeb"
},
{
"url": "https://git.kernel.org/stable/c/a43783119e01849fbf2fe8855634e8989b240cb4"
},
{
"url": "https://git.kernel.org/stable/c/53bc0b55178bd59bdd4bcd16349505cabf54b1a2"
},
{
"url": "https://git.kernel.org/stable/c/370218e8ce711684acc4cdd3cc3c6dd7956bc165"
},
{
"url": "https://git.kernel.org/stable/c/f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4"
}
],
"title": "net_sched: qfq: Fix double list add in class with netem as child qdisc",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37913",
"datePublished": "2025-05-20T15:21:44.793Z",
"dateReserved": "2025-04-16T04:51:23.967Z",
"dateUpdated": "2026-05-11T21:17:31.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37914 (GCVE-0-2025-37914)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
net_sched: ets: Fix double list add in class with netem as child qdisc
Summary
In the Linux kernel, the following vulnerability has been resolved:
net_sched: ets: Fix double list add in class with netem as child qdisc
As described in Gerrard's report [1], there are use cases where a netem
child qdisc will make the parent qdisc's enqueue callback reentrant.
In the case of ets, there won't be a UAF, but the code will add the same
classifier to the list twice, which will cause memory corruption.
In addition to checking for qlen being zero, this patch checks whether
the class was already added to the active_list (cl_is_active) before
doing the addition to cater for the reentrant case.
[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
Severity
No CVSS data available.
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < 24388ba0a1b1b6d4af1b205927ac7f7b119ee4ea
(git)
Affected: dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < 554acc5a2ea9703e08023eb9a003f9e5a830a502 (git) Affected: dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < 9efb6a0fa88e0910d079fdfeb4f7ce4d4ac6c990 (git) Affected: dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < 72c3da7e6ceb74e74ddbb5a305a35c9fdfcac6e3 (git) Affected: dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < 1f01e9f961605eb397c6ecd1d7b0233dfbf9077c (git) Affected: dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < bc321f714de693aae06e3786f88df2975376d996 (git) Affected: dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33 , < 1a6d0c00fa07972384b0c308c72db091d49988b6 (git) |
|
| Linux | Linux |
Affected:
5.6
Unaffected: 0 , < 5.6 (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:16.482Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_ets.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "24388ba0a1b1b6d4af1b205927ac7f7b119ee4ea",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
},
{
"lessThan": "554acc5a2ea9703e08023eb9a003f9e5a830a502",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
},
{
"lessThan": "9efb6a0fa88e0910d079fdfeb4f7ce4d4ac6c990",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
},
{
"lessThan": "72c3da7e6ceb74e74ddbb5a305a35c9fdfcac6e3",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
},
{
"lessThan": "1f01e9f961605eb397c6ecd1d7b0233dfbf9077c",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
},
{
"lessThan": "bc321f714de693aae06e3786f88df2975376d996",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
},
{
"lessThan": "1a6d0c00fa07972384b0c308c72db091d49988b6",
"status": "affected",
"version": "dcc68b4d8084e1ac9af0d4022d6b1aff6a139a33",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_ets.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:33.128Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/24388ba0a1b1b6d4af1b205927ac7f7b119ee4ea"
},
{
"url": "https://git.kernel.org/stable/c/554acc5a2ea9703e08023eb9a003f9e5a830a502"
},
{
"url": "https://git.kernel.org/stable/c/9efb6a0fa88e0910d079fdfeb4f7ce4d4ac6c990"
},
{
"url": "https://git.kernel.org/stable/c/72c3da7e6ceb74e74ddbb5a305a35c9fdfcac6e3"
},
{
"url": "https://git.kernel.org/stable/c/1f01e9f961605eb397c6ecd1d7b0233dfbf9077c"
},
{
"url": "https://git.kernel.org/stable/c/bc321f714de693aae06e3786f88df2975376d996"
},
{
"url": "https://git.kernel.org/stable/c/1a6d0c00fa07972384b0c308c72db091d49988b6"
}
],
"title": "net_sched: ets: Fix double list add in class with netem as child qdisc",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37914",
"datePublished": "2025-05-20T15:21:45.796Z",
"dateReserved": "2025-04-16T04:51:23.967Z",
"dateUpdated": "2026-05-11T21:17:33.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37915 (GCVE-0-2025-37915)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
net_sched: drr: Fix double list add in class with netem as child qdisc
Summary
In the Linux kernel, the following vulnerability has been resolved:
net_sched: drr: Fix double list add in class with netem as child qdisc
As described in Gerrard's report [1], there are use cases where a netem
child qdisc will make the parent qdisc's enqueue callback reentrant.
In the case of drr, there won't be a UAF, but the code will add the same
classifier to the list twice, which will cause memory corruption.
In addition to checking for qlen being zero, this patch checks whether the
class was already added to the active_list (cl_is_active) before adding
to the list to cover for the reentrant case.
[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 5da3aad1a13e7edb8ff0778a444ccf49930313e9
(git)
Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 4b07ac06b0a712923255aaf2691637693fc7100d (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 2968632880f1792007eedd12eeedf7f6e2b7e9f3 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 4f0ecf50cdf76da95828578a92f130b653ac2fcf (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < db205b92dfe0501e5b92fb7cf00971d0e44ba3eb (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 26e75716b94d6ff9be5ea07d63675c4d189f30b4 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < ab2248110738d4429668140ad22f530a9ee730e1 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < f99a3fbf023e20b626be4b0f042463d598050c9a (git) |
|
| Linux | Linux |
Affected:
5.0
Unaffected: 0 , < 5.0 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:17.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_drr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5da3aad1a13e7edb8ff0778a444ccf49930313e9",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "4b07ac06b0a712923255aaf2691637693fc7100d",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "2968632880f1792007eedd12eeedf7f6e2b7e9f3",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "4f0ecf50cdf76da95828578a92f130b653ac2fcf",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "db205b92dfe0501e5b92fb7cf00971d0e44ba3eb",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "26e75716b94d6ff9be5ea07d63675c4d189f30b4",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "ab2248110738d4429668140ad22f530a9ee730e1",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "f99a3fbf023e20b626be4b0f042463d598050c9a",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_drr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"lessThan": "5.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:34.269Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5da3aad1a13e7edb8ff0778a444ccf49930313e9"
},
{
"url": "https://git.kernel.org/stable/c/4b07ac06b0a712923255aaf2691637693fc7100d"
},
{
"url": "https://git.kernel.org/stable/c/2968632880f1792007eedd12eeedf7f6e2b7e9f3"
},
{
"url": "https://git.kernel.org/stable/c/4f0ecf50cdf76da95828578a92f130b653ac2fcf"
},
{
"url": "https://git.kernel.org/stable/c/db205b92dfe0501e5b92fb7cf00971d0e44ba3eb"
},
{
"url": "https://git.kernel.org/stable/c/26e75716b94d6ff9be5ea07d63675c4d189f30b4"
},
{
"url": "https://git.kernel.org/stable/c/ab2248110738d4429668140ad22f530a9ee730e1"
},
{
"url": "https://git.kernel.org/stable/c/f99a3fbf023e20b626be4b0f042463d598050c9a"
}
],
"title": "net_sched: drr: Fix double list add in class with netem as child qdisc",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37915",
"datePublished": "2025-05-20T15:21:46.440Z",
"dateReserved": "2025-04-16T04:51:23.967Z",
"dateUpdated": "2026-05-11T21:17:34.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37923 (GCVE-0-2025-37923)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
tracing: Fix oob write in trace_seq_to_buffer()
Summary
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix oob write in trace_seq_to_buffer()
syzbot reported this bug:
==================================================================
BUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]
BUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822
Write of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260
CPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
print_address_description mm/kasan/report.c:408 [inline]
print_report+0xc3/0x670 mm/kasan/report.c:521
kasan_report+0xe0/0x110 mm/kasan/report.c:634
check_region_inline mm/kasan/generic.c:183 [inline]
kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
__asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106
trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]
tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822
....
==================================================================
It has been reported that trace_seq_to_buffer() tries to copy more data
than PAGE_SIZE to buf. Therefore, to prevent this, we should use the
smaller of trace_seq_used(&iter->seq) and PAGE_SIZE as an argument.
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
3c56819b14b00dd449bd776303e61f8532fad09f , < f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606
(git)
Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < 665ce421041890571852422487f4c613d1824ba9 (git) Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < 1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f (git) Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < 441021e5b3c7d9bd1b963590652c415929f3b157 (git) Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < 056ebbddb8faf4ddf83d005454dd78fc25c2d897 (git) Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < 1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d (git) Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4 (git) Affected: 3c56819b14b00dd449bd776303e61f8532fad09f , < f5178c41bb43444a6008150fe6094497135d07cb (git) |
|
| Linux | Linux |
Affected:
2.6.30
Unaffected: 0 , < 2.6.30 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:21.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "665ce421041890571852422487f4c613d1824ba9",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "441021e5b3c7d9bd1b963590652c415929f3b157",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "056ebbddb8faf4ddf83d005454dd78fc25c2d897",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
},
{
"lessThan": "f5178c41bb43444a6008150fe6094497135d07cb",
"status": "affected",
"version": "3c56819b14b00dd449bd776303e61f8532fad09f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "2.6.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(\u0026iter-\u003eseq) and PAGE_SIZE as an argument."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:43.384Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606"
},
{
"url": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9"
},
{
"url": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f"
},
{
"url": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157"
},
{
"url": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897"
},
{
"url": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d"
},
{
"url": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4"
},
{
"url": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb"
}
],
"title": "tracing: Fix oob write in trace_seq_to_buffer()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37923",
"datePublished": "2025-05-20T15:21:51.927Z",
"dateReserved": "2025-04-16T04:51:23.969Z",
"dateUpdated": "2026-05-11T21:17:43.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37927 (GCVE-0-2025-37927)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid
Summary
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid
There is a string parsing logic error which can lead to an overflow of hid
or uid buffers. Comparing ACPIID_LEN against a total string length doesn't
take into account the lengths of individual hid and uid buffers so the
check is insufficient in some cases. For example if the length of hid
string is 4 and the length of the uid string is 260, the length of str
will be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer
which size is 256.
The same applies to the hid string with length 13 and uid string with
length 250.
Check the length of hid and uid strings separately to prevent
buffer overflow.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < 2b65060c84ee4d8dc64fae6d2728b528e9e832e1
(git)
Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < a65ebfed65fa62797ec1f5f1dcf7adb157a2de1e (git) Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < 466d9da267079a8d3b69fa72dfa3a732e1f6dbb5 (git) Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < c3f37faa71f5d26dd2144b3f2b14525ec8f5e41f (git) Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < 13d67528e1ae4486e9ab24b70122fab104c73c29 (git) Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < 10d901a95f8e766e5aa0bb9a983fb41271f64718 (git) Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < c8bdfc0297965bb13fa439d36ca9c4f7c8447f0f (git) Affected: ca3bf5d47cec8b7614bcb2e9132c40081d6d81db , < 8dee308e4c01dea48fc104d37f92d5b58c50b96c (git) |
|
| Linux | Linux |
Affected:
4.7
Unaffected: 0 , < 4.7 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:24.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/iommu/amd/init.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "2b65060c84ee4d8dc64fae6d2728b528e9e832e1",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "a65ebfed65fa62797ec1f5f1dcf7adb157a2de1e",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "466d9da267079a8d3b69fa72dfa3a732e1f6dbb5",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "c3f37faa71f5d26dd2144b3f2b14525ec8f5e41f",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "13d67528e1ae4486e9ab24b70122fab104c73c29",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "10d901a95f8e766e5aa0bb9a983fb41271f64718",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "c8bdfc0297965bb13fa439d36ca9c4f7c8447f0f",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
},
{
"lessThan": "8dee308e4c01dea48fc104d37f92d5b58c50b96c",
"status": "affected",
"version": "ca3bf5d47cec8b7614bcb2e9132c40081d6d81db",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/iommu/amd/init.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"lessThan": "4.7",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn\u0027t\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:48.029Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2b65060c84ee4d8dc64fae6d2728b528e9e832e1"
},
{
"url": "https://git.kernel.org/stable/c/a65ebfed65fa62797ec1f5f1dcf7adb157a2de1e"
},
{
"url": "https://git.kernel.org/stable/c/466d9da267079a8d3b69fa72dfa3a732e1f6dbb5"
},
{
"url": "https://git.kernel.org/stable/c/c3f37faa71f5d26dd2144b3f2b14525ec8f5e41f"
},
{
"url": "https://git.kernel.org/stable/c/13d67528e1ae4486e9ab24b70122fab104c73c29"
},
{
"url": "https://git.kernel.org/stable/c/10d901a95f8e766e5aa0bb9a983fb41271f64718"
},
{
"url": "https://git.kernel.org/stable/c/c8bdfc0297965bb13fa439d36ca9c4f7c8447f0f"
},
{
"url": "https://git.kernel.org/stable/c/8dee308e4c01dea48fc104d37f92d5b58c50b96c"
}
],
"title": "iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37927",
"datePublished": "2025-05-20T15:21:53.973Z",
"dateReserved": "2025-04-16T04:51:23.969Z",
"dateUpdated": "2026-05-11T21:17:48.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37930 (GCVE-0-2025-37930)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()
Nouveau is mostly designed in a way that it's expected that fences only
ever get signaled through nouveau_fence_signal(). However, in at least
one other place, nouveau_fence_done(), can signal fences, too. If that
happens (race) a signaled fence remains in the pending list for a while,
until it gets removed by nouveau_fence_update().
Should nouveau_fence_context_kill() run in the meantime, this would be
a bug because the function would attempt to set an error code on an
already signaled fence.
Have nouveau_fence_context_kill() check for a fence being signaled.
Severity
No CVSS data available.
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < 39d6e889c0b19a2c79e1c74c843ea7c2d0f99c28
(git)
Affected: ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < 2ec0f5f6d4768f292c8406ed92fa699f184577e5 (git) Affected: ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < 47ca11836c35c5698088fd87f7fb4b0ffa217e17 (git) Affected: ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < 126f5c6e0cb84e5c6f7a3a856d799d85668fb38e (git) Affected: ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < b771b2017260ffc3a8d4e81266619649bffcb242 (git) Affected: ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < 0453825167ecc816ec15c736e52316f69db0deb9 (git) Affected: ea13e5abf807ea912ce84eef6a1946b9a38c6508 , < bbe5679f30d7690a9b6838a583b9690ea73fe0e9 (git) |
|
| Linux | Linux |
Affected:
5.6
Unaffected: 0 , < 5.6 (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:29.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nouveau_fence.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "39d6e889c0b19a2c79e1c74c843ea7c2d0f99c28",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
},
{
"lessThan": "2ec0f5f6d4768f292c8406ed92fa699f184577e5",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
},
{
"lessThan": "47ca11836c35c5698088fd87f7fb4b0ffa217e17",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
},
{
"lessThan": "126f5c6e0cb84e5c6f7a3a856d799d85668fb38e",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
},
{
"lessThan": "b771b2017260ffc3a8d4e81266619649bffcb242",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
},
{
"lessThan": "0453825167ecc816ec15c736e52316f69db0deb9",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
},
{
"lessThan": "bbe5679f30d7690a9b6838a583b9690ea73fe0e9",
"status": "affected",
"version": "ea13e5abf807ea912ce84eef6a1946b9a38c6508",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/nouveau/nouveau_fence.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.6"
},
{
"lessThan": "5.6",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:51.391Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/39d6e889c0b19a2c79e1c74c843ea7c2d0f99c28"
},
{
"url": "https://git.kernel.org/stable/c/2ec0f5f6d4768f292c8406ed92fa699f184577e5"
},
{
"url": "https://git.kernel.org/stable/c/47ca11836c35c5698088fd87f7fb4b0ffa217e17"
},
{
"url": "https://git.kernel.org/stable/c/126f5c6e0cb84e5c6f7a3a856d799d85668fb38e"
},
{
"url": "https://git.kernel.org/stable/c/b771b2017260ffc3a8d4e81266619649bffcb242"
},
{
"url": "https://git.kernel.org/stable/c/0453825167ecc816ec15c736e52316f69db0deb9"
},
{
"url": "https://git.kernel.org/stable/c/bbe5679f30d7690a9b6838a583b9690ea73fe0e9"
}
],
"title": "drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37930",
"datePublished": "2025-05-20T15:21:55.941Z",
"dateReserved": "2025-04-16T04:51:23.970Z",
"dateUpdated": "2026-05-11T21:17:51.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37932 (GCVE-0-2025-37932)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
sch_htb: make htb_qlen_notify() idempotent
Summary
In the Linux kernel, the following vulnerability has been resolved:
sch_htb: make htb_qlen_notify() idempotent
htb_qlen_notify() always deactivates the HTB class and in fact could
trigger a warning if it is already deactivated. Therefore, it is not
idempotent and not friendly to its callers, like fq_codel_dequeue().
Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers'
life.
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
959466588aa7f84ccf79ae36a1d89542eaf9aaec , < e6b45f4de763b00dc1c55e685e2dd1aaf525d3c1
(git)
Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 32ae12ce6a9f6bace186ca7335220ff59b6cc3cd (git) Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 967955c9e57f8eebfccc298037d4aaf3d42bc1c9 (git) Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 73cf6af13153d62f9b76eff422eea79dbc70f15e (git) Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < bbbf5e0f87078b715e7a665d662a2c0e77f044ae (git) Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 0a188c0e197383683fd093ab1ea6ce9a5869a6ea (git) Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < a61f1b5921761fbaf166231418bc1db301e5bf59 (git) Affected: 959466588aa7f84ccf79ae36a1d89542eaf9aaec , < 5ba8b837b522d7051ef81bacf3d95383ff8edce5 (git) |
|
| Linux | Linux |
Affected:
4.14
Unaffected: 0 , < 4.14 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.241 , ≤ 5.10.* (semver) Unaffected: 5.15.190 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:30.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_htb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e6b45f4de763b00dc1c55e685e2dd1aaf525d3c1",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "32ae12ce6a9f6bace186ca7335220ff59b6cc3cd",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "967955c9e57f8eebfccc298037d4aaf3d42bc1c9",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "73cf6af13153d62f9b76eff422eea79dbc70f15e",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "bbbf5e0f87078b715e7a665d662a2c0e77f044ae",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "0a188c0e197383683fd093ab1ea6ce9a5869a6ea",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "a61f1b5921761fbaf166231418bc1db301e5bf59",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
},
{
"lessThan": "5ba8b837b522d7051ef81bacf3d95383ff8edce5",
"status": "affected",
"version": "959466588aa7f84ccf79ae36a1d89542eaf9aaec",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_htb.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.14"
},
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.241",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.190",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.241",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.190",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:53.987Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e6b45f4de763b00dc1c55e685e2dd1aaf525d3c1"
},
{
"url": "https://git.kernel.org/stable/c/32ae12ce6a9f6bace186ca7335220ff59b6cc3cd"
},
{
"url": "https://git.kernel.org/stable/c/967955c9e57f8eebfccc298037d4aaf3d42bc1c9"
},
{
"url": "https://git.kernel.org/stable/c/73cf6af13153d62f9b76eff422eea79dbc70f15e"
},
{
"url": "https://git.kernel.org/stable/c/bbbf5e0f87078b715e7a665d662a2c0e77f044ae"
},
{
"url": "https://git.kernel.org/stable/c/0a188c0e197383683fd093ab1ea6ce9a5869a6ea"
},
{
"url": "https://git.kernel.org/stable/c/a61f1b5921761fbaf166231418bc1db301e5bf59"
},
{
"url": "https://git.kernel.org/stable/c/5ba8b837b522d7051ef81bacf3d95383ff8edce5"
}
],
"title": "sch_htb: make htb_qlen_notify() idempotent",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37932",
"datePublished": "2025-05-20T15:21:57.469Z",
"dateReserved": "2025-04-16T04:51:23.970Z",
"dateUpdated": "2026-05-11T21:17:53.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…