VulDB Recent Entries

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is the function iio_for_each_active_channel. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-57908. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been rated as problematic. This issue affects the function iio_for_each_active_channel. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-57907. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been declared as problematic. This vulnerability affects the function iio_for_each_active_channel. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-57906. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been classified as problematic. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-57905. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as problematic. Affected by this issue is the function iio_simply_dummy_buffer. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-57911. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as problematic. Affected by this vulnerability is the function input_free_device. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2024-57904. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.9/6.13-rc6. Affected is the function hclge_fetch_pf_reg. The manipulation leads to improper initialization. This vulnerability is traded as CVE-2025-21650. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This issue affects the function __kvmalloc_node_noprof. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2025-21648. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.9/6.13-rc6. This vulnerability affects the function netfs_extract_user_iter. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-21643. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.9/6.13-rc6. This affects the function thread_group_cputime of the component sqpoll. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21633. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been rated as critical. Affected by this issue is the function usb_ffs_open_thread. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-57913. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component fpu. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-21632. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been classified as critical. Affected is the function ipvlan_get_iflink of the component ipvlan. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21652. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as problematic. This issue affects some unknown processing of the component hns3. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2025-21651. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as problematic. This vulnerability affects unknown code of the component sch_cake. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-21647. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This affects an unknown part of the file /proc/net/afs/ of the component afs. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2025-21646. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.9/6.13-rc6. Affected by this issue is some unknown functionality of the component sysctl. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-21641. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected by this vulnerability is an unknown functionality of the component cookie_hmac_alg. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-21640. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is an unknown function of the component sysctl. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-21639. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been rated as problematic. This issue affects some unknown processing of the component ovl. The manipulation leads to encoding error. The identification of this vulnerability is CVE-2025-21654. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.