VulDB Recent Entries

A vulnerability has been found in Linux Kernel up to 6.12.12/6.13.1 and classified as problematic. This vulnerability affects the function run_delalloc_nocow. The manipulation leads to insufficient verification of data authenticity. This vulnerability was named CVE-2024-57975. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. This affects an unknown part in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21796. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.6.78/6.12.15/6.13.3/6.14-rc2. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2025-21789. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. Affected by this vulnerability is an unknown functionality in the library lib/vsprintf.c. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2025-21787. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc2. Affected is the function kthread_stop. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21786. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.3/6.14-rc2. It has been rated as problematic. This issue affects the function vmclock_miscdev_fops. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2025-21769. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc1. It has been declared as critical. This vulnerability affects unknown code of the file ioam6.sh of the component ipv6. The manipulation leads to memory leak. This vulnerability was named CVE-2025-21768. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.12.12/6.13.1. It has been classified as critical. This affects the function mark_buffer_dirty of the file fs/buffer.c. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21722. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.12/6.13.1 and classified as critical. Affected by this issue is the function nilfs_prepare_chunk of the component nilfs2. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2025-21721. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2025-21718. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.12/6.13.1. Affected is the function __xa_cmpxchg in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21714. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.12/6.13.1. This issue affects the function bitmap_get_stats. The manipulation leads to improper initialization. The identification of this vulnerability is CVE-2025-21712. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.13.1. This vulnerability affects the function th1520_mbox_suspend_noirq of the component mailbox. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-57983. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.13.1. This affects the function cow_file_range of the file fs/btrfs/extent_io.c. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-57976. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc2. It has been rated as problematic. Affected by this issue is the function scx_move_task of the file kernel/sched/ext.c. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2025-21771. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been declared as critical. Affected by this vulnerability is the function sys_exit in the library lib/kobject.c. The manipulation leads to use after free. This vulnerability is known as CVE-2024-57979. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been classified as problematic. Affected is the function usb_submit_urb of the file drivers/usb/core/urb.c. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2025-21708. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 and classified as critical. This issue affects the function batadv_hardif_neigh_node. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2025-21781. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.13.1 and classified as problematic. This vulnerability affects the function rtw89_ops_add_interface. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-21730. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.128/6.6.77/6.12.12/6.13.1. This affects the function mptcp_pm_nl_fullmesh of the file net/mptcp/pm_netlink.c. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2025-21706. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.