7.1
CVE-2025-55284 - Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration β¦
Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation due to an overly broad allowlist of safe commands. Reliably exploiting this requires the β¦
7.3
CVE-2025-55286 - z2d OOB drawing with new multi-sample anti-aliasing could lead to invalid memory access and corruptβ¦
z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing (MSAA) method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing (SSAA) method. Under cerβ¦
5.5
CVE-2023-4515 - ksmbd: validate command request size
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed ("ksmbd: validate command payload size"), except for SMB2_OPLOCK_BREAK_HE command, the request size of other commands is not checked, it's not expected. Fix it by add chβ¦
5.5
CVE-2025-38531 - iio: common: st_sensors: Fix use of uninitialize device structs
In the Linux kernel, the following vulnerability has been resolved: iio: common: st_sensors: Fix use of uninitialize device structs Throughout the various probe functions &indio_dev->dev is used before it is initialized. This caused a kernel panic in st_sensors_power_enable() when the call to devβ¦
5.5
CVE-2025-38525 - rxrpc: Fix irq-disabled in local_bh_enable()
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in local_bh_enable() The rxrpc_assess_MTU_size() function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpc_new_incoming_call() β¦
5.5
CVE-2025-38544 - rxrpc: Fix bug due to prealloc collision
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix bug due to prealloc collision When userspace is using AF_RXRPC to provide a server, it has to preallocate incoming calls and assign to them call IDs that will be used to thread related recvmsg() and sendmsg() together.β¦
5.5
CVE-2025-38506 - KVM: Allow CPU to reschedule while setting per-page memory attributes
In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory (1TB+), the host can experience CPU soft lockups when running an operation in kvm_vm_sβ¦
7.8
CVE-2025-38552 - mptcp: plug races between subflow fail and subflow creation
In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution β¦
5.5
CVE-2025-38551 - virtio-net: fix recursived rtnl_lock() during probe()
In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix recursived rtnl_lock() during probe() The deadlock appears in a stack trace like: virtnet_probe() rtnl_lock() virtio_config_changed_work() netdev_notify_peers() rtnl_lock() It happens if β¦
7.8
CVE-2025-38550 - ipv6: mcast: Delay put pmc->idev in mld_del_delrec()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() return.