VulDB Recent Entries

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. Affected by this issue is the function might_sleep. The manipulation leads to deadlock. This vulnerability is handled as CVE-2025-21823. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.128/6.6.77/6.12.13/6.13.2. Affected by this vulnerability is an unknown functionality of the file ptp_s390.c of the component ptp. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-21814. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. Affected is the function nilfs_lookup_dirty_data_buffers. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21811. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.77/6.12.13/6.13.2/6.14-rc1. It has been rated as problematic. This issue affects some unknown processing of the component AMD Display. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2025-21819. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.75/6.12.12/6.13.1. It has been declared as problematic. This vulnerability affects the function class_dev_iter_next. The manipulation leads to improper initialization. This vulnerability was named CVE-2025-21810. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.12/6.13.1. It has been classified as problematic. This affects the function deinit of the component RDMA. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2025-21805. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1 and classified as critical. Affected by this issue is the function devm_request_mem_region of the file /proc/iomem. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2025-21804. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.13/6.13.2/6.14-rc1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file kernel/time/timer_migration.c of the component migration. The manipulation leads to off-by-one. This vulnerability is known as CVE-2025-21813. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.13/6.13.2/6.14-rc1. This issue affects the function cpu_stop_signal_done of the component hrtimers. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-21816. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.128/6.6.77/6.12.13/6.13.2/6.14-rc1. Affected is the function xen_hypercall_hvm. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-21818. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. This vulnerability affects the function process_backlog. The manipulation leads to state issue. This vulnerability was named CVE-2025-21806. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.13.1. This affects the function queue_attr_store. The manipulation leads to deadlock. This vulnerability is uniquely identified as CVE-2025-21807. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been rated as critical. Affected by this issue is the function ax25_setsockopt of the component ax25. The manipulation leads to deadlock. This vulnerability is handled as CVE-2025-21812. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Tuoshi Dionlink LT15D 4G Wi-Fi and LT21B up to 1.0.1481.15.02/1.0.1802.10.08. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/formJSONAjaxReq. The manipulation leads to os command injection. This vulnerability is known as CVE-2024-53944. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been classified as problematic. Affected is the function pci_disable_sriov of the component hns3. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2025-21802. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.1 and classified as critical. This issue affects the function IS_ERR of the component th1520. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-58022. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1 and classified as critical. This vulnerability affects the function tegra_emc_find_node_by_ram_code of the component tegra20-emc. The manipulation of the argument device leads to use after free. This vulnerability was named CVE-2024-58034. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.12/6.13.1. This affects the function HWS_SET32 of the component mlx5. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-21800. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.12/6.13.1. Affected by this vulnerability is the function rht_grow_above_75 of the component rhashtable. The manipulation leads to deadlock. This vulnerability is known as CVE-2024-58042. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.12/6.13.1. Affected by this issue is the function kunit_kzalloc of the component firewire. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-21798. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.