VulDB Recent Entries

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.15-rc4. This issue affects some unknown processing of the file fpe.c of the component parisc. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-37991. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to d1347977661342cb09a304a17701eb2d4aa21dec. This vulnerability affects the function should_flush_tlb. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37964. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to a41cd52f00907a040ca22c73d4805bb79b0d0972. This affects the function parse_lease_state of the component ksmbd. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2025-37962. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.90/6.12.28/6.14.6/6.15-rc5. It has been rated as problematic. Affected by this issue is the function d_alloc of the component ksmbd. The manipulation leads to privilege escalation. This vulnerability is handled as CVE-2025-37956. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component arm64. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2025-37963. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel. It has been classified as critical. Affected is an unknown function of the file arch/x86/kvm/x86.c of the component KVM. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-37957. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5 and classified as problematic. This issue affects the function memblock_double_array. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-37960. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5 and classified as critical. This vulnerability affects the function bpf_redirect_peer. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37959. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5. This affects the function huge_memory. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-37958. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel. Affected by this issue is the function do_output_route4 of the component ipvs. The manipulation leads to denial of service. This vulnerability is handled as CVE-2025-37961. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.90/6.12.28/6.14.6/6.15-rc5. Affected by this vulnerability is the function open_cached_dir of the component smb. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2025-37954. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.15-rc5. Affected is the function htb_deactivate of the component sch_htb. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37953. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5. It has been declared as problematic. This vulnerability affects the function ksmbd_vfs_stream_write. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-37947. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc5. It has been rated as critical. This issue affects the function timedout_job. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2025-37951. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.90/6.12.28/6.14.6/6.15-rc5. It has been classified as critical. This affects the function __close_file_table_ids of the component ksmbd. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-37952. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5 and classified as critical. Affected by this issue is the function virtnet_xsk_pool_enable. The manipulation leads to memory leak. This vulnerability is handled as CVE-2025-37955. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.14.6/6.15-rc5 and classified as problematic. Affected by this vulnerability is the function w_pages of the component ocfs2. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2025-37950. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.138/6.6.90/6.12.28/6.14.6/6.15-rc6. Affected is an unknown function of the component arm64. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2025-37948. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.15-rc5. This issue affects the function xs_wake_up of the component xenbus. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-37949. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.28/6.14.6/6.15-rc5. This vulnerability affects the function pci_dev_put. The manipulation leads to use after free. This vulnerability was named CVE-2025-37946. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.