VulDB Recent Entries

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.98/6.12.38/6.15.6/6.16-rc4. Affected is the function dma_buf_vmap. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2025-38449. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.16-rc5. Affected by this vulnerability is the function vsock_find_cid. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-38462. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16-rc4. It has been rated as problematic. This issue affects some unknown processing of the component perf. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-38466. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16-rc5. It has been declared as critical. This vulnerability affects the function vsock_use_local_transport. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-38461. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.3. It has been classified as critical. This affects the function ims_pcu_flash_firmware. The manipulation of the argument len leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-38428. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.38/6.15.6/6.16-rc5 and classified as critical. Affected by this issue is the function snd_card_ad1816a_pnp of the component ALSA. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-38454. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.38/6.15.6/6.16-rc5 and classified as critical. Affected by this vulnerability is the function rtsn_probe of the component net. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-38452. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.15.6/6.16-rc5. Affected is the function try_to_unmap_one. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-38447. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.6.98/6.12.38/6.15.6/6.16-rc5. This issue affects the function tcp_bound_to_half_wnd of the component tcp. The manipulation of the argument involved leads to allocation of resources. The identification of this vulnerability is CVE-2025-38463. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.16-rc5. This vulnerability affects the function to_atmarpd of the component atm. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-38460. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 896a6fbefc9050cf940ed57947eda6dc23aa58b0. This affects the function bitmap_get_stats. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2025-38451. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.38/6.15.6/6.16-rc5. It has been rated as critical. Affected by this issue is the function mt7925_sta_set_decap_offload of the component wifi. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-38450. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16-rc4. It has been declared as problematic. Affected by this vulnerability is the function gs_start_io of the component usb. The manipulation leads to race condition. This vulnerability is known as CVE-2025-38448. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16-rc5. It has been classified as problematic. Affected is the function atomic_add_return of the component netlink. The manipulation leads to insufficient verification of data authenticity. This vulnerability is traded as CVE-2025-38465. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.6/6.16-rc5 and classified as problematic. This issue affects the function kfree_rcu of the component msg_ring. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-38453. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.94/6.12.34/6.15.3 and classified as critical. This vulnerability affects the function pcibios_bus_to_resource of the component Video. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-38427. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.16-rc5. This affects the function tipc_conn_close of the component tipc. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-38464. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.16-rc5. Affected by this issue is the function qdisc_tree_reduce_backlog. The manipulation leads to privilege escalation. This vulnerability is handled as CVE-2025-38457. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.145/6.6.98/6.12.38/6.15.6/6.16-rc5. Affected by this vulnerability is the function kvm_vm_ioctl_create_vcpu. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-38455. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.16-rc5. Affected is the function clip_push of the component atm. The manipulation leads to uncontrolled recursion. This vulnerability is traded as CVE-2025-38459. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.