VulDB Recent Entries

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.23/6.13.11/6.14.2. This affects the function list_del of the component btrfs. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2025-37856. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc2. It has been rated as problematic. Affected by this issue is the function kvmalloc. The manipulation leads to privilege escalation. This vulnerability is handled as CVE-2025-37867. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.2. It has been classified as critical. Affected is the function res_pool. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37855. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.24/6.14.3/6.15-rc2. It has been declared as critical. Affected by this vulnerability is the function txgbe_probe of the component net. The manipulation leads to double free. This vulnerability is known as CVE-2025-37872. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.87/6.12.24/6.14.3/6.15-rc2 and classified as problematic. This issue affects some unknown processing of the component ovl. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-37863. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2 and classified as critical. This vulnerability affects the function reset_domain. The manipulation leads to use after free. This vulnerability was named CVE-2025-37854. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.14.2. This affects the function dispc_ovl_setup of the component fbdev. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2025-37851. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. Affected by this issue is the function mv88e6xxx_port_vlan_leave of the component net. The manipulation leads to uninitialized pointer. This vulnerability is handled as CVE-2025-37865. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2. Affected by this vulnerability is the function io_admin_reset_sync of the component scsi. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2025-37861. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2. Affected is the function amdgpu_cgs_create_device. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37852. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2/6.15-rc1. It has been rated as critical. This issue affects the function ivpu_ms_cleanup. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2025-37848. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc3. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to use after free. This vulnerability was named CVE-2025-37885. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.25/6.14.4. It has been classified as critical. This affects the function sched_yield of the component um. The manipulation leads to excessive iteration. This vulnerability is uniquely identified as CVE-2025-37880. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc1 and classified as critical. Affected by this issue is the function pwm_mediatek_config of the file drivers/pwm/pwm-mediatek.o. The manipulation leads to divide by zero. This vulnerability is handled as CVE-2025-37850. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2 and classified as critical. Affected by this vulnerability is the function kvm_arch_vcpu_create. The manipulation leads to use after free. This vulnerability is known as CVE-2025-37849. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2/6.15-rc1. Affected is the function ivpu_ms_cleanup. The manipulation leads to deadlock. This vulnerability is traded as CVE-2025-37847. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 53e83828d352304fec5e19751f38ed8c65e6ec2f. This issue affects the function cifs_server_dbg of the component cifs. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-37844. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3. This affects the function ttc_table. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-37888. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.88/6.12.25/6.14.4/6.15-rc3. This vulnerability affects the function pds_core. The manipulation leads to improper initialization. This vulnerability was named CVE-2025-37887. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.180/6.1.135/6.6.88/6.12.25/6.14.4. It has been rated as critical. Affected by this issue is the function get_zeroed_page. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-37883. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.