| ACPI: pfr_update: Fix the driver update version check |
| CVE-2025-39701 |
No |
No |
– |
– |
– |
|
|
| ALSA: usb-audio: Validate UAC3 power domain descriptors, too |
| CVE-2025-38729 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() |
| CVE-2025-38706 |
No |
No |
– |
– |
– |
4.7 |
4.7 |
| Azure Arc Elevation of Privilege Vulnerability |
| CVE-2025-55316 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Azure Bot Service Elevation of Privilege Vulnerability |
| CVE-2025-55244 |
No |
No |
– |
– |
Critical |
9.0 |
7.8 |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| CVE-2025-49692 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Azure Entra Elevation of Privilege Vulnerability |
| CVE-2025-55241 |
No |
No |
– |
– |
Critical |
9.0 |
7.8 |
| Azure Networking Elevation of Privilege Vulnerability |
| CVE-2025-54914 |
No |
No |
– |
– |
Critical |
10.0 |
8.7 |
| Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability |
| CVE-2025-54108 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2025-55223 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability |
| CVE-2025-55238 |
No |
No |
– |
– |
Critical |
7.5 |
6.5 |
| Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() |
| CVE-2025-7039 |
No |
No |
– |
– |
– |
3.7 |
3.7 |
| Graphics Kernel Remote Code Execution Vulnerability |
| CVE-2025-55226 |
No |
No |
– |
– |
Critical |
6.7 |
5.8 |
| CVE-2025-55236 |
No |
No |
– |
– |
Critical |
7.3 |
6.4 |
| HTTP.sys Denial of Service Vulnerability |
| CVE-2025-53805 |
No |
No |
– |
– |
Important |
7.5 |
6.5 |
| Libsoup: improper handling of http vary header in libsoup caching |
| CVE-2025-9901 |
No |
No |
– |
– |
– |
5.9 |
5.6 |
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-53809 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| Local Security Authority Subsystem Service Elevation of Privilege Vulnerability |
| CVE-2025-54894 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| LoongArch: BPF: Fix jump offset calculation in tailcall |
| CVE-2025-38723 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| MIPS: Don’t crash in stack_top() for tasks without ABI or vDSO |
| CVE-2025-38696 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| MapUrlToZone Security Feature Bypass Vulnerability |
| CVE-2025-54107 |
No |
No |
– |
– |
Important |
4.3 |
3.8 |
| CVE-2025-54917 |
No |
No |
– |
– |
Important |
4.3 |
3.8 |
| Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
| CVE-2025-55317 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Microsoft Brokering File System Elevation of Privilege Vulnerability |
| CVE-2025-54105 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability |
| CVE-2025-53801 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2025-53791 |
No |
No |
– |
– |
Moderate |
4.7 |
4.1 |
| Microsoft Excel Information Disclosure Vulnerability |
| CVE-2025-54901 |
No |
No |
– |
– |
Important |
5.5 |
4.8 |
| Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-54896 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54898 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54899 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54902 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54903 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54904 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54900 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability |
| CVE-2025-55232 |
No |
No |
– |
– |
Important |
9.8 |
8.5 |
| Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-54906 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54910 |
No |
No |
– |
– |
Critical |
8.4 |
7.3 |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-54907 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Microsoft OfficePlus Spoofing Vulnerability |
| CVE-2025-55243 |
No |
No |
– |
– |
Important |
7.5 |
6.5 |
| Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2025-54908 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-55227 |
No |
No |
– |
– |
Important |
8.8 |
7.7 |
| Microsoft SQL Server Information Disclosure Vulnerability |
| CVE-2025-47997 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| Microsoft SharePoint Remote Code Execution Vulnerability |
| CVE-2025-54897 |
No |
No |
– |
– |
Important |
8.8 |
7.7 |
| Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability |
| CVE-2025-54112 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Microsoft Word Information Disclosure Vulnerability |
| CVE-2025-54905 |
No |
No |
– |
– |
Important |
7.1 |
6.2 |
| NFS: Fix a race when updating an existing write |
| CVE-2025-39697 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() |
| CVE-2025-39730 |
No |
No |
– |
– |
– |
7.5 |
7.5 |
| Podman: podman kube play command may overwrite host files |
| CVE-2025-9566 |
No |
No |
– |
– |
– |
8.1 |
8.1 |
| PowerShell Direct Elevation of Privilege Vulnerability |
| CVE-2025-49734 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Elevation of Privilege Vulnerability |
| CVE-2025-54895 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| VulnCheck: CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json |
| CVE-2024-21907 |
Yes |
No |
– |
– |
– |
|
|
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-54099 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Windows BitLocker Elevation of Privilege Vulnerability |
| CVE-2025-54911 |
No |
No |
– |
– |
Important |
7.3 |
6.4 |
| CVE-2025-54912 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Windows Bluetooth Service Elevation of Privilege Vulnerability |
| CVE-2025-53802 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability |
| CVE-2025-54114 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
| CVE-2025-54102 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability |
| CVE-2025-53808 |
No |
No |
– |
– |
Important |
6.7 |
5.8 |
| CVE-2025-53810 |
No |
No |
– |
– |
Important |
6.7 |
5.8 |
| CVE-2025-54094 |
No |
No |
– |
– |
Important |
6.7 |
5.8 |
| CVE-2025-54104 |
No |
No |
– |
– |
Important |
6.7 |
5.8 |
| CVE-2025-54109 |
No |
No |
– |
– |
Important |
6.7 |
5.8 |
| CVE-2025-54915 |
No |
No |
– |
– |
Important |
6.7 |
5.8 |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2025-53800 |
No |
No |
– |
– |
Critical |
7.8 |
6.8 |
| CVE-2025-53807 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Windows Graphics Component Remote Code Execution Vulnerability |
| CVE-2025-54919 |
No |
No |
– |
– |
Important |
7.5 |
6.5 |
| CVE-2025-55228 |
No |
No |
– |
– |
Critical |
7.8 |
6.8 |
| Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-54091 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54092 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54098 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| CVE-2025-54115 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Windows Hyper-V Remote Code Execution Vulnerability |
| CVE-2025-55224 |
No |
No |
– |
– |
Critical |
7.8 |
6.8 |
| Windows Imaging Component Information Disclosure Vulnerability |
| CVE-2025-53799 |
No |
No |
– |
– |
Critical |
5.5 |
4.8 |
| Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2025-54110 |
No |
No |
– |
– |
Important |
8.8 |
7.7 |
| Windows Kernel Memory Information Disclosure Vulnerability |
| CVE-2025-53803 |
No |
No |
– |
– |
Important |
5.5 |
4.8 |
| Windows Kernel-Mode Driver Information Disclosure Vulnerability |
| CVE-2025-53804 |
No |
No |
– |
– |
Important |
5.5 |
4.8 |
| Windows Management Service Elevation of Privilege Vulnerability |
| CVE-2025-54103 |
No |
No |
– |
– |
Important |
7.4 |
6.4 |
| Windows MultiPoint Services Elevation of Privilege Vulnerability |
| CVE-2025-54116 |
No |
No |
– |
– |
Important |
7.3 |
6.4 |
| Windows NTFS Remote Code Execution Vulnerability |
| CVE-2025-54916 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Windows NTLM Elevation of Privilege Vulnerability |
| CVE-2025-54918 |
No |
No |
– |
– |
Critical |
8.8 |
7.7 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53797 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-53798 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-54095 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-54096 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-54097 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-55225 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-53796 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| CVE-2025-53806 |
No |
No |
– |
– |
Important |
6.5 |
5.7 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-54106 |
No |
No |
– |
– |
Important |
8.8 |
7.7 |
| CVE-2025-54113 |
No |
No |
– |
– |
Important |
8.8 |
7.7 |
| Windows SMB Client Remote Code Execution Vulnerability |
| CVE-2025-54101 |
No |
No |
– |
– |
Important |
4.8 |
4.2 |
| Windows SMB Elevation of Privilege Vulnerability |
| CVE-2025-55234 |
Yes |
No |
– |
– |
Important |
8.8 |
7.7 |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability |
| CVE-2025-54093 |
No |
No |
– |
– |
Important |
7.0 |
6.1 |
| Windows UI XAML Maps MapControlSettings Elevation of Privilege Vulnerability |
| CVE-2025-54913 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability |
| CVE-2025-54111 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability |
| CVE-2025-55242 |
No |
No |
– |
– |
Critical |
6.5 |
5.7 |
| Xbox Gaming Services Elevation of Privilege Vulnerability |
| CVE-2025-55245 |
No |
No |
– |
– |
Important |
7.8 |
6.8 |
| cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters. |
| CVE-2025-57052 |
No |
No |
– |
– |
– |
9.8 |
9.8 |
| comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() |
| CVE-2025-39684 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| comedi: Make insn_rw_emulate_bits() do insn->n samples |
| CVE-2025-39686 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| comedi: fix race between polling and detaching |
| CVE-2025-38687 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| comedi: pcl726: Prevent invalid irq number |
| CVE-2025-39685 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| crypto: qat – flush misc workqueue during device shutdown |
| CVE-2025-39721 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| drbd: add missing kref_get in handle_write_conflicts |
| CVE-2025-38708 |
No |
No |
– |
– |
– |
6.3 |
6.3 |
| drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() |
| CVE-2025-39675 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/amd/display: Avoid a NULL pointer dereference |
| CVE-2025-39693 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/amd/display: fix a Null pointer dereference vulnerability |
| CVE-2025-39705 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/amd/pm: fix null pointer access |
| CVE-2025-38705 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities |
| CVE-2025-39707 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/amdkfd: Destroy KFD debugfs after destroy KFD wq |
| CVE-2025-39706 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). |
| CVE-2025-39679 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| drm/xe: Make dma-fences compliant with the safe access rules |
| CVE-2025-38703 |
No |
No |
– |
– |
– |
7.8 |
7.8 |
| exfat: add cluster chain loop check for dir |
| CVE-2025-38692 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr |
| CVE-2025-38701 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| f2fs: vm_unmap_ram() may be called from an invalid context |
| CVE-2025-39731 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| fbdev: Fix vmalloc out-of-bounds write in fast_imageblit |
| CVE-2025-38685 |
No |
No |
– |
– |
– |
7.8 |
7.8 |
| fbdev: fix potential buffer overflow in do_register_framebuffer() |
| CVE-2025-38702 |
No |
No |
– |
– |
– |
7.8 |
7.1 |
| fs/buffer: fix use-after-free when call bh_read() helper |
| CVE-2025-39691 |
No |
No |
– |
– |
– |
7.1 |
7.1 |
| fs/ntfs3: Add sanity check for file name |
| CVE-2025-38707 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| ftrace: Also allocate and copy hash for reading of filter files |
| CVE-2025-39689 |
No |
No |
– |
– |
– |
7.1 |
6.5 |
| gfs2: Validate i_depth for exhash directories |
| CVE-2025-38710 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| gve: prevent ethtool ops after shutdown |
| CVE-2025-38735 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| habanalabs: fix UAF in export_dmabuf() |
| CVE-2025-38722 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| hfs: fix general protection fault in hfs_find_init() |
| CVE-2025-38716 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| hfs: fix slab-out-of-bounds in hfs_bnode_read() |
| CVE-2025-38715 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| hfsplus: don’t use BUG_ON() in hfsplus_create_attributes_file() |
| CVE-2025-38712 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() |
| CVE-2025-38714 |
No |
No |
– |
– |
– |
9.0 |
8.2 |
| hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() |
| CVE-2025-38713 |
No |
No |
– |
– |
– |
6.1 |
6.1 |
| iio: imu: bno055: fix OOB access of hw_xlate array |
| CVE-2025-39719 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| iio: light: as73211: Ensure buffer holes are zeroed |
| CVE-2025-39687 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| io_uring/net: commit partial buffers on retry |
| CVE-2025-38730 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| iommufd: Prevent ALIGN() overflow |
| CVE-2025-38688 |
No |
No |
– |
– |
– |
7.1 |
7.1 |
| ipv6: sr: Fix MAC comparison to be constant-time |
| CVE-2025-39702 |
No |
No |
– |
– |
– |
7.1 |
7.1 |
| jfs: Regular file corruption check |
| CVE-2025-38698 |
No |
No |
– |
– |
– |
7.1 |
6.5 |
| jfs: upper bound check of tree index in dbAllocAG |
| CVE-2025-38697 |
No |
No |
– |
– |
– |
7.1 |
7.1 |
| ksmbd: fix refcount leak causing resource not released |
| CVE-2025-39720 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| loop: Avoid updating block size under exclusive owner |
| CVE-2025-38709 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls |
| CVE-2025-39711 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() |
| CVE-2025-39713 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| media: usbtv: Lock resolution while streaming |
| CVE-2025-39714 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() |
| CVE-2025-38680 |
No |
No |
– |
– |
– |
3.3 |
3.3 |
| media: venus: Add a check for packet size after reading from shared memory |
| CVE-2025-39710 |
No |
No |
– |
– |
– |
|
|
| media: venus: Fix OOB read due to missing payload bound check |
| CVE-2025-38679 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| media: venus: protect against spurious interrupts during probe |
| CVE-2025-39709 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() |
| CVE-2025-38681 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| net, hsr: reject HSR frame if skb can’t hold tag |
| CVE-2025-39703 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| net/sched: Fix backlog accounting in qdisc_dequeue_internal |
| CVE-2025-39677 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| net/sched: ets: use old ‘nbands’ while purging unused classes |
| CVE-2025-38684 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| net/smc: fix UAF on smcsk after smc_listen_out() |
| CVE-2025-38734 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| net: kcm: Fix race condition in kcm_unattach() |
| CVE-2025-38717 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization |
| CVE-2025-38736 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| net: usb: asix_devices: add phy_mask for ax88772 mdio bus |
| CVE-2025-38725 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| netfilter: ctnetlink: fix refcount leak on table dump |
| CVE-2025-38721 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| netfilter: nf_reject: don’t leak dst refcount for loopback packets |
| CVE-2025-38732 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| netfilter: nf_tables: reject duplicate device on updates |
| CVE-2025-38678 |
No |
No |
– |
– |
– |
6.0 |
6.0 |
| nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() |
| CVE-2025-38724 |
No |
No |
– |
– |
– |
6.8 |
6.8 |
| pNFS: Fix uninited ptr deref in block/scsi layout |
| CVE-2025-38691 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| parisc: Revise __get_user() to probe user read access |
| CVE-2025-39716 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| parisc: Revise gateway LWS calls to probe user read access |
| CVE-2025-39715 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| ppp: fix race conditions in ppp_fill_forward_path |
| CVE-2025-39673 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| rcu/nocb: Fix possible invalid rdp’s->nocb_cb_kthread pointer access |
| CVE-2025-38704 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| s390/ism: fix concurrency management in ism_cmd() |
| CVE-2025-39726 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| s390/sclp: Fix SCCB present check |
| CVE-2025-39694 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| scsi: bfa: Double-free fix |
| CVE-2025-38699 |
No |
No |
– |
– |
– |
7.8 |
7.8 |
| scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated |
| CVE-2025-38700 |
No |
No |
– |
– |
– |
4.7 |
4.7 |
| scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure |
| CVE-2025-38695 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| scsi: qla4xxx: Prevent a potential error pointer dereference |
| CVE-2025-39676 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| sctp: linearize cloned gso packets in sctp_rcv |
| CVE-2025-38718 |
No |
No |
– |
– |
– |
7.0 |
6.4 |
| serial: 8250: fix panic due to PSLVERR |
| CVE-2025-39724 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| smb/server: avoid deadlock when linking with ReplaceIfExists |
| CVE-2025-38711 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| smb3: fix for slab out of bounds on mount to ksmbd |
| CVE-2025-38728 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() |
| CVE-2025-39692 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| tls: fix handling of zero-length records on the rx_list |
| CVE-2025-39682 |
No |
No |
– |
– |
– |
6.5 |
6.5 |
| tracing: Limit access to parser->buffer when trace_get_user failed |
| CVE-2025-39683 |
No |
No |
– |
– |
– |
7.1 |
7.1 |
| vsock/virtio: Validate length in packet header before skb_put() |
| CVE-2025-39718 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
| wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() |
| CVE-2025-39732 |
No |
No |
– |
– |
– |
7.0 |
7.0 |
| x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper |
| CVE-2025-39681 |
No |
No |
– |
– |
– |
5.5 |
5.5 |
