VulDB Recent Entries

A vulnerability has been found in Linux Kernel up to 6.15-rc4 and classified as critical. Affected by this vulnerability is the function parse_ivrs_acpihid. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-37927. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.14.5/6.15-rc4. Affected is the function module_memory_alloc. The manipulation leads to allocation of resources. This vulnerability is traded as CVE-2025-37898. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.27/6.14.5/6.15-rc4. This issue affects the function shutdown_mem_profiling. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-37908. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.14.5/6.15-rc3. This vulnerability affects the function ublk_cancel_cmd. The manipulation leads to denial of service. This vulnerability was named CVE-2025-37906. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.27/6.14.5/6.15-rc4. This affects the function acp_i2s_set_tdm_slot of the component ASoC. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-37919. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.89/6.12.27/6.14.5/6.15-rc4. It has been rated as critical. Affected by this issue is the function skb_dequeue of the component Bluetooth. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-37918. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel. It has been declared as critical. Affected by this vulnerability is the function memcpy of the component bnxt_en. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-37911. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc4. It has been classified as critical. Affected is an unknown function of the component net. The manipulation leads to memory leak. This vulnerability is traded as CVE-2025-37909. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.27/6.14.5/6.15-rc4 and classified as critical. This issue affects the function smb2_sess_setup of the component ksmbd. The manipulation leads to use after free. The identification of this vulnerability is CVE-2025-37899. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.89/6.12.27/6.14.5/6.15-rc4 and classified as critical. This vulnerability affects unknown code of the component pds_core. The manipulation leads to use after free. This vulnerability was named CVE-2025-37916. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.27/6.14.5/6.15-rc4. This affects the function bnxt_init_chip of the file kernel/workqueue.c. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2025-37895. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.27/6.14.5/6.15-rc4. Affected by this issue is the function sock_gen_put of the file mrdump.ko. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2025-37894. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.13.10/6.14.1. Affected by this vulnerability is the function btf_ext_parse_info of the component libbpf. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-37939. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.135/6.6.88/6.12.25/6.13.10/6.14.1. Affected is an unknown function of the component tracing. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37938. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.1. It has been rated as critical. This issue affects the function dib8000_set_dds. The manipulation leads to divide by zero. The identification of this vulnerability is CVE-2025-37937. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.89/6.12.27/6.14.5/6.15-rc4. It has been declared as critical. This vulnerability affects the function octeon_ep. The manipulation leads to denial of service. This vulnerability was named CVE-2025-37933. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.137/6.6.89/6.12.27/6.14.5/6.15-rc1. It has been classified as problematic. This affects the function htb_qlen_notify of the component sch_htb. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-37932. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to ed681e90fb244aa883b918c4d8be2614e816c6df and classified as critical. Affected by this issue is the function spectre_bhb_loop_affected of the component arm64. The manipulation leads to denial of service. This vulnerability is handled as CVE-2025-37929. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.137/6.6.89/6.12.27/6.14.5/6.15-rc4 and classified as critical. Affected by this vulnerability is the function in_atomic of the file drivers/md/dm-bufio.c. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-37928. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.137/6.6.89/6.12.27/6.14.5/6.15-rc4. Affected is the function ksmbd_free_user. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-37924. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.