Aggregator

A vulnerability was found in Linux Kernel up to 6.12.33/6.15.2. It has been rated as critical. This issue affects the function arm_ni_init. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-38168. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.141/6.6.93/6.12.33/6.15.2. It has been classified as problematic. This affects the function do_sme_acc. The manipulation leads to insufficient verification of data authenticity. This vulnerability is uniquely identified as CVE-2025-38170. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.2. It has been declared as problematic. This vulnerability affects unknown code of the file kernel/locking/mutex.c of the component af_packet. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-38150. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.2 and classified as critical. Affected by this issue is the function refcount_t of the component RDMA. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-38161. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

By breaking down internal silos, leveraging advanced technology and embracing industrywide cooperation, organizations can shift from reactive to proactive fraud prevention to protect revenue and reputation while supporting sustainable business growth. 

The post Beyond Silos: The Power of Internal Collaboration on Transforming Fraud Prevention appeared first on Security Boulevard.

A vulnerability has been found in Linux Kernel up to 6.6.93/6.12.33/6.15.2 and classified as critical. Affected by this vulnerability is the function phy_detach. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-38149. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.141/6.6.93/6.12.33/6.15.2. Affected is an unknown function of the component net. The manipulation leads to memory leak. This vulnerability is traded as CVE-2025-38148. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.15.2. This issue affects the function __be32 of the component openvswitch. The manipulation leads to improper validation of array index. The identification of this vulnerability is CVE-2025-38146. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.15.2. This vulnerability affects the function aspeed_lpc_enable_snoop of the component soc. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-38145. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.141/6.6.93/6.12.33/6.15.2. This affects the function read_string of the component hwmon. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-38142. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.2. It has been declared as critical. Affected by this vulnerability is the function udma_probe of the component dmaengine. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-38138. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.2. It has been rated as critical. Affected by this issue is the function wled_configure of the component backlight. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-38143. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.2. It has been classified as critical. Affected is the function devm_ioremap of the component watchdog. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-38144. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A significant security vulnerability discovered in the widely used Sudo utility has remained hidden for over 12 years, potentially exposing millions of Linux and Unix systems to privilege escalation attacks.  The vulnerability identified as CVE-2025-32462 allows unauthorized users to gain root access on affected systems by exploiting the Sudo host option functionality. Key Takeaways1. 12-Year-Old […]

The post 12-Year-Old Sudo Linux Vulnerability Enables Privilege Escalation to Root User appeared first on Cyber Security News.

A vulnerability was found in Linux Kernel up to 6.15.2 and classified as problematic. This issue affects the function usbhs_probe of the component usb. The manipulation leads to improper initialization. The identification of this vulnerability is CVE-2025-38136. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.15.2 and classified as critical. This vulnerability affects the function mlb_usio_probe of the component serial. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-38135. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.15.2. This affects the function ad4851_parse_channels_common. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-38133. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.