VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc1. It has been declared as critical. This vulnerability affects unknown code of the file ioam6.sh of the component ipv6. The manipulation leads to memory leak. This vulnerability was named CVE-2025-21768. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.12.12/6.13.1. It has been classified as critical. This affects the function mark_buffer_dirty of the file fs/buffer.c. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21722. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.12/6.13.1 and classified as critical. Affected by this issue is the function nilfs_prepare_chunk of the component nilfs2. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2025-21721. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2025-21718. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.12/6.13.1. Affected is the function __xa_cmpxchg in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21714. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.12/6.13.1. This issue affects the function bitmap_get_stats. The manipulation leads to improper initialization. The identification of this vulnerability is CVE-2025-21712. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.13.1. This vulnerability affects the function th1520_mbox_suspend_noirq of the component mailbox. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-57983. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.13.1. This affects the function cow_file_range of the file fs/btrfs/extent_io.c. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-57976. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc2. It has been rated as problematic. Affected by this issue is the function scx_move_task of the file kernel/sched/ext.c. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2025-21771. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been declared as critical. Affected by this vulnerability is the function sys_exit in the library lib/kobject.c. The manipulation leads to use after free. This vulnerability is known as CVE-2024-57979. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been classified as problematic. Affected is the function usb_submit_urb of the file drivers/usb/core/urb.c. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2025-21708. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 and classified as critical. This issue affects the function batadv_hardif_neigh_node. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2025-21781. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.13.1 and classified as problematic. This vulnerability affects the function rtw89_ops_add_interface. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-21730. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.128/6.6.77/6.12.12/6.13.1. This affects the function mptcp_pm_nl_fullmesh of the file net/mptcp/pm_netlink.c. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2025-21706. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.12/6.13.1. Affected by this issue is the function ptr_ring_resize_multiple of the file net/core/page_pool.c. The manipulation leads to reachable assertion. This vulnerability is handled as CVE-2024-57994. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.12/6.13.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to insufficient verification of data authenticity. This vulnerability is known as CVE-2024-57999. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. Affected is the function mr_mfc_uses_dev of the component ipmr. The manipulation leads to state issue. This vulnerability is traded as CVE-2025-21719. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been rated as problematic. This issue affects some unknown processing of the file net/mptcp/protocol.c of the component mptcp. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-21705. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been declared as problematic. This vulnerability affects unknown code of the file net/sched/sch_sfq.c of the component net_sched. The manipulation leads to improper validation of array index. This vulnerability was named CVE-2024-57996. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. It has been classified as critical. This affects the function usb_hub_to_struct_hub. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-21776. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.