5.5
CVE-2025-71117 - block: Remove queue freezing from several sysfs store callbacks
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queue_if_no_path option. Additiβ¦
0.0
CVE-2025-71110 - mm/slub: reset KASAN tag in defer_free() before accessing freed memory
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in defer_free() before accessing freed memory When CONFIG_SLUB_TINY is enabled, kfree_nolock() calls kasan_slab_free() before defer_free(). On ARM64 with MTE (Memory Tagging Extension), kasan_slab_free() β¦
0.0
CVE-2025-71109 - MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits
In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 ("MIPS: Tracing: Reduce the overhead of dynamic Function Tracer"), the macro UASM_i_LA_mostly has been used, and this macro can β¦
5.5
CVE-2025-71106 - fs: PM: Fix reverse check in filesystems_freeze_callback()
In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystems_freeze_callback() The freeze_all_ptr check in filesystems_freeze_callback() introduced by commit a3f8f8662771 ("power: always freeze efivarfs") is reverse which quite confusingly causes alβ¦
0.0
CVE-2025-71103 - drm/msm: adreno: fix deferencing ifpc_reglist when not declared
In the Linux kernel, the following vulnerability has been resolved: drm/msm: adreno: fix deferencing ifpc_reglist when not declared On plaforms with an a7xx GPU not supporting IFPC, the ifpc_reglist if still deferenced in a7xx_patch_pwrup_reglist() which causes a kernel crash: Unable to handle keβ¦
9.8
CVE-2025-70968 - freeimage: FreeImage: Arbitrary code execution via Use After Free in PluginTARGA.cpp;loadRLE()
FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE().
7.5
CVE-2025-70747 -
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
6.5
CVE-2025-14242 - Vsftpd: vsftpd: denial of service via integer overflow in ls command parameter parsing
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
0.0
CVE-2025-71144 - mptcp: ensure context reset on disconnect()
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect() After the blamed commit below, if the MPC subflow is already in TCP_CLOSE status or has fallback to TCP at mptcp_disconnect() time, mptcp_do_fastclose() skips setting the `send_fastclosβ¦
5.4
CVE-2025-67834 -
Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the filter parameter.