7.8
CVE-2025-71092 - RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR. BNXT_RE_OUT_OF_SEQ_ERR acβ¦
5.5
CVE-2025-71070 - ublk: clean up user copy references on ublk server exit
In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLK_REFCOUNT_INIT. Beβ¦
7.8
CVE-2025-71068 - svcrdma: bound check rq_pages index in inline path
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rq_pages index in inline path svc_rdma_copy_inline_range indexed rqstp->rq_pages[rc_curpage] without verifying rc_curpage stays within the allocated page array. Add guards before the first use and after advanβ¦
0.0
CVE-2025-68808 - media: vidtv: initialize local pointers upon transfer of memory ownership
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtv_channel_si_init() creates a temporary list (program, service, event) and ownership of the memory itself is transferred to the PAT/SDT/EIT tables throβ¦
5.5
CVE-2025-68820 - ext4: xattr: fix null pointer deref in ext4_raw_inode()
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead β¦
0.0
CVE-2025-68781 - usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal
In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The delayed work item otg_event is initialized in fsl_otg_conf() and scheduled under two conditions: 1. When a host controller binds to the OTG controlleβ¦
5.5
CVE-2025-71090 - nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg()
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg() nfsd4_add_rdaccess_to_wrdeleg() unconditionally overwrites fp->fi_fds[O_RDONLY] with a newly acquired nfsd_file. However, if the client already has a SHARE_ACCβ¦
8.8
CVE-2025-68707 -
An authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated network-adjacent attackers to perform arbitrary configuration changes without providing credentials, as long as a valid admin session is active. This can result in full compromise oβ¦
5.5
CVE-2025-71072 - shmem: fix recovery on rename failures
In the Linux kernel, the following vulnerability has been resolved: shmem: fix recovery on rename failures maple_tree insertions can fail if we are seriously short on memory; simple_offset_rename() does not recover well if it runs into that. The same goes for simple_offset_rename_exchange(). Morβ¦
0.0
CVE-2025-68812 - kernel: media: iris: Add sanity check for stop streaming
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.