5.5
CVE-2025-40361 - kernel: fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.0
CVE-2025-68301 - net: atlantic: fix fragment overflow handling in RX path
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAX_SKB_FRAGS (17) fragments when handling large multi-descriptor packets. This causes an out-of-bounds write in skb_โฆ
0.0
CVE-2025-68314 - drm/msm: make sure last_fence is always updated
In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure last_fence is always updated Update last_fence in the vm-bind path instead of kernel managed path. last_fence is used to wait for work to finish in vm_bind contexts but not used for kernel managed contexts. Tโฆ
7.0
CVE-2025-68242 - NFS: Fix LTP test failures when timestamps are delegated
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The โฆ
0.0
CVE-2025-68189 - drm/msm: Fix GEM free for imported dma-bufs
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj->resv != &obj->_resv. So we should check both this condition in addition to flags for handling the _NO_SHARE case. Fixes this splat that was reported wโฆ
9.8
CVE-2025-50401 -
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password.
0.0
CVE-2025-68318 - clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL
In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set all AXI clock gates tโฆ
7.0
CVE-2025-68231 - mm/mempool: fix poisoning order>0 pages with HIGHMEM
In the Linux kernel, the following vulnerability has been resolved: mm/mempool: fix poisoning order>0 pages with HIGHMEM The kernel test has reported: BUG: unable to handle page fault for address: fffba000 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present paโฆ
5.3
CVE-2025-65581 -
An open redirect vulnerability exists in the Account module in Volosoft ABP Framework >= 5.1.0 and < 10.0.0-rc.2. Improper validation of the returnUrl parameter in the register function allows an attacker to redirect users to arbitrary external domains.
0.0
CVE-2025-68257 - comedi: check device's attached status in compat ioctls
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue [1] that crashes kernel, seemingly due to unexistent callback dev->get_valid_routes(). By all means, this should not occur as said callback must aโฆ