5.5
CVE-2025-68204 - pmdomain: arm: scmi: Fix genpd leak on provider registration failure
In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fix genpd leak on provider registration failure If of_genpd_add_provider_onecell() fails during probe, the previously created generic power domains are not removed, leading to a memory leak and potential kernβ¦
7.0
CVE-2025-68182 - wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link()
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix potential use after free in iwl_mld_remove_link() This code frees "link" by calling kfree_rcu(link, rcu_head) and then it dereferences "link" to get the "link->fw_id". Save the "link->fw_id" first to avoid a pβ¦
0.0
CVE-2025-68289 - usb: gadget: f_eem: Fix memory leak in eem_unwrap
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_eem: Fix memory leak in eem_unwrap The existing code did not handle the failure case of usb_ep_queue in the command path, potentially leading to memory leaks. Improve error handling to free all allocated resourcesβ¦
5.5
CVE-2025-40346 - arch_topology: Fix incorrect error check in topology_parse_cpu_capacity()
In the Linux kernel, the following vulnerability has been resolved: arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() Fix incorrect use of PTR_ERR_OR_ZERO() in topology_parse_cpu_capacity() which causes the code to proceed with NULL clock pointers. The current logic uses !β¦
7.0
CVE-2025-68192 - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup Raw IP packets have no MAC header, leaving skb->mac_header uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems access the offsetβ¦
5.5
CVE-2025-40361 - kernel: fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2025-68196 - drm/amd/display: Cache streams targeting link when performing LT automation
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Cache streams targeting link when performing LT automation [WHY] Last LT automation update can cause crash by referencing current_state and calling into dc_update_planes_and_stream which may clobber current_stateβ¦
7.0
CVE-2025-68253 - mm: don't spin in add_stack_record when gfp flags don't allow
In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in add_stack_record when gfp flags don't allow syzbot was able to find the following path: add_stack_record_to_list mm/page_owner.c:182 [inline] inc_stack_record_count mm/page_owner.c:214 [inline] __set_page_β¦
9.8
CVE-2025-50401 -
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password.
0.0
CVE-2025-68255 - staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy() length when copying into a fixed-size 16-byte stackβ¦