7.0

CVSS3.1

CVE-2025-39683 - tracing: Limit access to parser->buffer when trace_get_user failed

In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser->buffer when trace_get_user failed When the length of the string written to set_ftrace_filter exceeds FTRACE_BUFF_MAX, the following KASAN alarm will be triggered: BUG: KASAN: slab-out-of-bounds i…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

7.0

CVSS3.1

CVE-2025-39682 - tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must process either - only contiguous DATA records (any number of them) - one non-DATA record If the next record has different type than what has alre…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

5.5

CVSS3.1

CVE-2025-39676 - scsi: qla4xxx: Prevent a potential error pointer dereference

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxx_get_ep_fwdb() function is supposed to return NULL on error, but qla4xxx_ep_connect() returns error pointers. Propagating the error pointers will lead to an…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

5.5

CVSS3.1

CVE-2025-39693 - drm/amd/display: Avoid a NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid a NULL pointer dereference [WHY] Although unlikely drm_atomic_get_new_connector_state() or drm_atomic_get_old_connector_state() can return NULL. [HOW] Check returns before dereference. (cherry picked from…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

7.0

CVSS3.1

CVE-2025-38735 - gve: prevent ethtool ops after shutdown

In the Linux kernel, the following vulnerability has been resolved: gve: prevent ethtool ops after shutdown A crash can occur if an ethtool operation is invoked after shutdown() is called. shutdown() is invoked during system shutdown to stop DMA operations without performing expensive deallocati…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

7.0

CVSS3.1

CVE-2025-39721 - crypto: qat - flush misc workqueue during device shutdown

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat_4xxx, in a tight loop can lead to a crash due to a use-after-free scenario. This occurs whe…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

7.0

CVSS3.1

CVE-2025-39711 - media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls

In the Linux kernel, the following vulnerability has been resolved: media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Both the ACE and CSI driver are missing a mei_cldev_disable() call in their remove() function. This causes the mei_cl client to stay part of the mei_dev…

📅 Published: Sept. 5, 2025, midnight 🔄 Last Modified: Sept. 8, 2025, 4:25 p.m.

7.5

CVSS3.1

CVE-2025-58362 - Hono contains a flaw in URL path parsing, potentially leading to path confusion

Hono is a Web application framework that provides support for any JavaScript runtime. Versions 4.8.0 through 4.9.5 contain a flaw in the getPath utility function which could allow path confusion and potential bypass of proxy-level ACLs (e.g. Nginx location blocks). The original implementation relie…

📅 Published: Sept. 4, 2025, 11:56 p.m. 🔄 Last Modified: Sept. 4, 2025, 11:56 p.m.

6

CVSS4.0

CVE-2025-58359 - frost-core: refresh shares with smaller min_signers will reduce group security

ZF FROST is a Rust implementation of FROST (Flexible Round-Optimised Schnorr Threshold signatures). In versions 2.0.0 through 2.1.0, refresh shares with smaller min_signers will reduce security of group. The inability to change min_signers (i.e. the threshold) with the refresh share functionality (…

📅 Published: Sept. 4, 2025, 11:50 p.m. 🔄 Last Modified: Sept. 4, 2025, 11:50 p.m.

7.2

CVSS3.1

CVE-2025-58179 - Astro Cloudflare adapter is vulnerable to Server-Side Request Forgery via /_image endpoint

Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URLs …

📅 Published: Sept. 4, 2025, 11:36 p.m. 🔄 Last Modified: Sept. 4, 2025, 11:36 p.m.