7.0
CVE-2025-40064 - smc: Fix use-after-free in __pnet_find_base_ndev().
In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in __pnet_find_base_ndev(). syzbot reported use-after-free of net_device in __pnet_find_base_ndev(), which was called during connect(). [0] smc_pnet_find_ism_resource() fetches sk_dst_get(sk)->dev and pasβ¦
7.5
CVE-2025-61103 - frr: NULL pointer dereference in show_vty_ext_link_lan_adj_sid() in ospf_ext.c
FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
7.5
CVE-2025-60800 -
Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request.
5.5
CVE-2025-40032 - PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be NULL even after EPF initialization. Then it is prudent to check that they have nβ¦
7.5
CVE-2025-54604 -
Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption (issue 1 of 2).
5.5
CVE-2025-40028 - binder: fix double-free in dbitmap
In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc->dmap. In that case, dbitmap_grow() fails and frees the old bitmap via dbitmap_free(). However, the driver calls dbitβ¦
5.5
CVE-2025-40079 - riscv, bpf: Sign extend struct ops return values properly
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Sign extend struct ops return values properly The ns_bpf_qdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58 Current test_progs pgtable: 4K pagesβ¦
5.5
CVE-2025-40077 - f2fs: fix to avoid overflow while left shift operation
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid overflow while left shift operation Should cast type of folio->index from pgoff_t to loff_t to avoid overflow while left shift operation.
7.0
CVE-2025-40071 - tty: n_gsm: Don't block input queue by waiting MSC
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used it calls gsm_modem_uβ¦
5.5
CVE-2025-40067 - fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist Index allocation requires at least one bit in the $BITMAP attribute to track usage of index entries. If the bitmap is empty while index blocks are already preβ¦