5.5
CVE-2025-71132 - smc91x: fix broken irq-context in PREEMPT_RT
In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPT_RT When smc91x.c is built with PREEMPT_RT, the following splat occurs in FVP_RevC: [ 13.055000] smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 [ 13.062137] BUG: woβ¦
7.1
CVE-2025-71133 - RDMA/irdma: avoid invalid read in irdma_net_event
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event irdma_net_event() should not dereference anything from "neigh" (alias "ptr") until it has checked that the event is NETEVENT_NEIGH_UPDATE. Other events come with different structuβ¦
5.5
CVE-2025-71113 - crypto: af_alg - zero initialize memory allocated via sock_kmalloc
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, relying on callers to set fields explicitly. This resulted inβ¦
6.5
CVE-2025-14242 - Vsftpd: vsftpd: denial of service via integer overflow in ls command parameter parsing
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
5.5
CVE-2025-71134 - mm/page_alloc: change all pageblocks migrate type on coalescing
In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible. When the buddy page migrate type differs, it is expected to be updated to maβ¦
6.1
CVE-2025-67833 -
Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthenticated attacker via the tag parameter.
5.5
CVE-2025-71142 - cpuset: fix warning when disabling remote partition
In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110 RIP: 0010:remote_partition_disable+0xf7/0x110 RSP: 0018:ffffc900β¦
9.8
CVE-2025-70968 - freeimage: FreeImage: Arbitrary code execution via Use After Free in PluginTARGA.cpp;loadRLE()
FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE().
5.5
CVE-2025-71108 - usb: typec: ucsi: Handle incorrect num_connectors capability
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect num_connectors capability The UCSI spec states that the num_connectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and iβ¦
5.5
CVE-2025-71127 - wifi: mac80211: Discard Beacon frames to non-broadcast address
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 ("The Address 1 field of the Beacon .. frame shall be set to the brβ¦