VulDB Recent Entries

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.14.2. This affects the function dispc_ovl_setup of the component fbdev. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2025-37851. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.24/6.14.3/6.15-rc2. Affected by this issue is the function mv88e6xxx_port_vlan_leave of the component net. The manipulation leads to uninitialized pointer. This vulnerability is handled as CVE-2025-37865. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2. Affected by this vulnerability is the function io_admin_reset_sync of the component scsi. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2025-37861. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2. Affected is the function amdgpu_cgs_create_device. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-37852. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2/6.15-rc1. It has been rated as critical. This issue affects the function ivpu_ms_cleanup. The manipulation leads to deadlock. The identification of this vulnerability is CVE-2025-37848. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc3. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to use after free. This vulnerability was named CVE-2025-37885. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.25/6.14.4. It has been classified as critical. This affects the function sched_yield of the component um. The manipulation leads to excessive iteration. This vulnerability is uniquely identified as CVE-2025-37880. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc1 and classified as critical. Affected by this issue is the function pwm_mediatek_config of the file drivers/pwm/pwm-mediatek.o. The manipulation leads to divide by zero. This vulnerability is handled as CVE-2025-37850. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2 and classified as critical. Affected by this vulnerability is the function kvm_arch_vcpu_create. The manipulation leads to use after free. This vulnerability is known as CVE-2025-37849. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.23/6.13.11/6.14.2/6.15-rc1. Affected is the function ivpu_ms_cleanup. The manipulation leads to deadlock. This vulnerability is traded as CVE-2025-37847. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 53e83828d352304fec5e19751f38ed8c65e6ec2f. This issue affects the function cifs_server_dbg of the component cifs. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-37844. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc3. This affects the function ttc_table. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-37888. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.88/6.12.25/6.14.4/6.15-rc3. This vulnerability affects the function pds_core. The manipulation leads to improper initialization. This vulnerability was named CVE-2025-37887. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.180/6.1.135/6.6.88/6.12.25/6.14.4. It has been rated as critical. Affected by this issue is the function get_zeroed_page. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-37883. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15-rc2. It has been declared as problematic. Affected by this vulnerability is the function igc_probe of the component Igc Driver. The manipulation leads to state issue. This vulnerability is known as CVE-2025-37875. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.25/6.14.4/6.15-rc1 and classified as critical. This issue affects the function iommu_device_register of the component IOMMU Driver. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-37877. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.88/6.12.25/6.14.4/6.15-rc3. It has been classified as critical. Affected is the function pdsc_adminq_post. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-37886. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.135/6.6.88/6.12.25/6.14.4 and classified as critical. This vulnerability affects the function _free_event of the component bpf. The manipulation leads to deadlock. This vulnerability was named CVE-2025-37884. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.135/6.6.88/6.12.25/6.14.4. This affects the function p9_client_write. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-37879. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.24/6.14.3/6.15-rc2. Affected by this issue is the function tx_prod of the component eth. The manipulation leads to denial of service. This vulnerability is handled as CVE-2025-37873. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.