7.8
CVE-2025-7425 - Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acceβ¦
5.5
CVE-2025-38321 - smb: Log an error when close_all_cached_dirs fails
In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs() can't move the dentries to a separate list to dput() them once the locks are dropped. This will result in a "Dentry still in β¦
7.1
CVE-2025-38320 - arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() KASAN reports a stack-out-of-bounds read in regs_get_kernel_stack_nth(). Call Trace: [ 97.283505] BUG: KASAN: stack-out-of-bounds in regs_get_kernel_staβ¦
5.5
CVE-2025-38278 - octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback This patch addresses below issues, 1. Active traffic on the leaf node must be stopped before its send queue is reassigned to the parent. This patch resolves the issue β¦
5.5
CVE-2025-38268 - usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work A state check was previously added to tcpm_queue_vdm_unlocked to prevent a deadlock where the DisplayPort Alt Mode driver would be executing work and attempting β¦
5.5
CVE-2025-38331 - net: ethernet: cortina: Use TOE/TSO on all TCP
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb->len to the "TOE/TSO" offloader and it will handle them. Without this quiβ¦
5.5
CVE-2025-38285 - bpf: Fix WARN() in get_bpf_raw_tp_regs
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861 Modules linked in: CPU: 3 UID: 0 PID: 59β¦
5.5
CVE-2025-38287 - IB/cm: Drop lockdep assert and WARN when freeing old msg
In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cm_id has advanced to another message. The cm_id lock is not needed in this case, but a recent change re-used cm_free_priv_msg(),β¦
4.7
CVE-2025-38306 - fs/fhandle.c: fix a race in call of has_locked_children()
In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem β¦
5.5
CVE-2025-38327 - fgraph: Do not enable function_graph tracer when setting funcgraph-args
In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable function_graph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never rβ¦