Aggregator

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.68/6.18.8. This vulnerability affects the function skb_segment_list. This manipulation causes privilege escalation. This vulnerability is tracked as CVE-2026-23154. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

摩尔线程完成 MiniMax M2.5 模型 Day-0 适配，支持 MTT S5000 GPU；宇树科技 CEO 王兴兴：具身智能时代的牛顿还没诞生；字节将卖掉沐瞳，金额或超 414 亿元

A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1. This vulnerability affects the function ksmbd_sessions_deregister. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-22041. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1. This affects the function ksmbd_sessions_deregister of the component ksmbd. Executing a manipulation can lead to improper update of reference count. This vulnerability appears as CVE-2025-22040. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1. This issue affects some unknown processing. The manipulation results in memory corruption. This vulnerability is known as CVE-2025-22042. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1. It has been rated as problematic. Affected is the function num_subauth of the component ksmbd. This manipulation causes out-of-bounds read. This vulnerability is registered as CVE-2025-22038. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. The affected element is the function alloc_preauth_hash. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-22037. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.12.22/6.13.10/6.14.1. Affected by this issue is the function smb_check_perm_dacl of the component ksmbd. Performing a manipulation of the argument dacloffset results in null pointer dereference. This vulnerability is reported as CVE-2025-22039. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.14.1. Affected is the function print_graph_function_flags of the component tracing. Such manipulation leads to use after free. This vulnerability is traded as CVE-2025-22035. Access to the local network is required for this attack to succeed. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1 and classified as critical. This issue affects the function PageTail of the component gup. Such manipulation leads to improper update of reference count. This vulnerability is listed as CVE-2025-22034. The attack must be carried out from within the local network. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.12.22/6.13.10/6.14.1. Affected by this issue is the function block_read_full_folio of the component exfat. Executing a manipulation can lead to race condition. This vulnerability is handled as CVE-2025-22036. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1 and classified as critical. This vulnerability affects the function do_compat_alignment_fixup of the component Virtual Address Handler. This manipulation causes null pointer dereference. This vulnerability is tracked as CVE-2025-22033. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.13.10/6.14.1. It has been declared as critical. The affected element is the function pci_bus of the component bwctrl. Executing a manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2025-22031. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.22/6.13.10/6.14.1. Affected by this vulnerability is the function mt792x_rx_get_wcid of the component mt7921. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2025-22032. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. It has been declared as problematic. This impacts the function crypto_free_acomp of the component zswap. The manipulation of the argument acomp_ctx results in improper initialization. This vulnerability is cataloged as CVE-2025-22030. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

Refloow Geo Forensics: A Free Batch Image Geolocation and EXIF Forensics Tool for OSINT

马年限定！红包封面大派送~