0.0
CVE-2025-71130 - drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb->vma[i].vma pointers to NULL, simplifyinβ¦
0.0
CVE-2025-71115 - um: init cpu_tasks[] earlier
In the Linux kernel, the following vulnerability has been resolved: um: init cpu_tasks[] earlier This is currently done in uml_finishsetup(), but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse(), which has coverage annotations, and then the checks in check_kβ¦
0.0
CVE-2025-71107 - f2fs: ensure node page reads complete before f2fs_put_super() finishes
In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_put_super() finishes Xfstests generic/335, generic/336 sometimes crash with the following message: F2FS-fs (dm-0): detect filesystem reference count leak during umount, type: 9, β¦
7.5
CVE-2025-71021 -
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
0.0
CVE-2025-71141 - drm/tilcdc: Fix removal actions in case of failed probe
In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drm_kms_helper_poll_fini() and drm_atomic_helper_shutdown() helpers should only be called when the device has been successfully registered. Currently, these functions arβ¦
7.0
CVE-2025-71126 - mptcp: avoid deadlock on fallback while reinjecting
In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme #1 Not tainted --------------------------------------------β¦
5.3
CVE-2025-56226 - libsndfile: memory leak when encoding MP3 files due to an incomplete initialization
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.
5.4
CVE-2025-63644 -
A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field.
5.5
CVE-2025-71131 - crypto: seqiv - Do not use req->iv after crypto_aead_encrypt
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Iβ¦
5.5
CVE-2025-71113 - crypto: af_alg - zero initialize memory allocated via sock_kmalloc
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, relying on callers to set fields explicitly. This resulted inβ¦