Vuldb Updates

A vulnerability has been found in Linux Kernel up to 6.14.2 and classified as problematic. This vulnerability affects the function s_sequence of the component jbd2. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-37839. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel. It has been rated as critical. Affected by this issue is the function tipc_mon_reinit_self of the component tipc. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-37824. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc3. It has been classified as problematic. Affected is the function chameleon_parse_gdd of the component mcb. The manipulation leads to double free. This vulnerability is traded as CVE-2025-37817. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.15-rc3. This affects the function hfsc_dequeue of the component net_sched. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-37823. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.15-rc1. Affected is the function size_limit_mb of the component udmabuf. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2025-37803. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.4. It has been classified as problematic. Affected is the function af_alg of the component crypto. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2025-37808. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc3. It has been classified as critical. This affects an unknown part of the component cdns3. The manipulation leads to deadlock. This vulnerability is uniquely identified as CVE-2025-37812. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.15-rc3 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-37810. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.15-rc3. Affected is the function hfsc_change_class of the component net_sched. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-37797. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. Affected is the function at76_disconnect of the component Wifi. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-37796. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2 and classified as critical. Affected by this vulnerability is the function ieee80211_do_stop of the component wifi. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-37794. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2 and classified as problematic. This issue affects the function Set of the component net. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-37789. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. This affects the function cxgb4_init_ethtool_filters. The manipulation leads to incorrect control flow. This vulnerability is uniquely identified as CVE-2025-37788. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. This vulnerability affects the function btrtl_initialize of the file drivers/bluetooth/btrtl.c of the component Bluetooth. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-37792. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2 and classified as critical. Affected by this issue is some unknown functionality of the component i2c. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-37781. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. Affected is the function handle_to_path of the component isofs. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-37780. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. This affects an unknown part of the component virtiofs. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-37773. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. It has been classified as problematic. Affected is the function hfs_bnode_read_key of the component hfsplus. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-37782. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3. Affected is an unknown function. The manipulation of the argument speed leads to divide by zero. This vulnerability is traded as CVE-2025-37770. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3. It has been declared as critical. This vulnerability affects unknown code. The manipulation of the argument speed leads to divide by zero. This vulnerability was named CVE-2025-37768. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.