7.0
CVE-2025-68283 - libceph: replace BUG_ON with bounds check for map->max_osd
In the Linux kernel, the following vulnerability has been resolved: libceph: replace BUG_ON with bounds check for map->max_osd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map->max_osd. [ idryomov: drop BUG_ON in ceph_get_primary_affinity()β¦
0.0
CVE-2025-68258 - comedi: multiq3: sanitize config options in multiq3_attach()
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3_attach() Syzbot identified an issue [1] in multiq3_attach() that induces a task timeout due to open() or COMEDI_DEVCONFIG ioctl operations, specifically, in the case of multiq3 β¦
5.5
CVE-2025-68206 - netfilter: nft_ct: add seqadj extension for natted connections
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload (IP, port) on the ftp control connection. This can reβ¦
7.0
CVE-2025-68208 - bpf: account for current allocated stack depth in widen_imprecise_scalars()
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widen_imprecise_scalars() The usage pattern for widen_imprecise_scalars() looks as follows: prev_st = find_prev_entry(env, ...); queued_st = push_stack(...); widen_imβ¦
5.5
CVE-2025-68224 - kernel: scsi: core: Fix a regression triggered by scsi_host_busy()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2025-68203 - kernel: drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_process
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2025-68247 - posix-timers: Plug potential memory leak in do_timer_create()
In the Linux kernel, the following vulnerability has been resolved: posix-timers: Plug potential memory leak in do_timer_create() When posix timer creation is set to allocate a given timer ID and the access to the user space value faults, the function terminates without freeing the already allocaβ¦
9.8
CVE-2025-62864 -
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context.
9.8
CVE-2025-50398 -
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter fac_password.
7.0
CVE-2025-68243 - NFS: Check the TLS certificate fields in nfs_match_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfs_match_client() If the TLS security policy is of type RPC_XPRTSEC_TLS_X509, then the cert_serial and privkey_serial fields need to match as well since they define the client's identity,β¦