Vuldb Updates

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.185/6.1.141/6.6.94/6.12.34/6.15.3. This issue affects the function rproc_handle_resources of the component remoteproc. Performing manipulation results in memory leak. This vulnerability was named CVE-2025-38419. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 5.15.185/6.1.141/6.6.93/6.12.33/6.15.2. Affected by this issue is the function atomctrl_initialize_mc_reg_table. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-38319. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.16-rc2. This affects an unknown function of the component wifi. Executing manipulation can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-38406. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as critical. This affects the function zlib_compress_folios. Performing manipulation results in denial of service. This vulnerability is known as CVE-2024-57923. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.9/6.13-rc6. This impacts the function netfs_read_to_pagecache. Performing manipulation results in buffer overflow. This vulnerability is reported as CVE-2024-57928. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.12.9/6.13-rc6. This vulnerability affects unknown code of the component AMD GPU. Performing manipulation results in race condition. This vulnerability is identified as CVE-2024-57921. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. The impacted element is an unknown function of the component ovl. Executing manipulation can lead to encoding error. This vulnerability is tracked as CVE-2025-21654. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.9/6.13-rc6. The impacted element is the function encode_fh. This manipulation causes encoding error. This vulnerability is registered as CVE-2024-57924. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.176/6.1.126/6.6.73/6.12.10. This affects the function ieee802154_if_remove in the library lib/list_debug.c of the component Network Interface Handler. This manipulation causes use after free. This vulnerability is tracked as CVE-2024-57948. The attack is restricted to local execution. No exploit exists. You should upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.126/6.6.73/6.12.10. Affected by this issue is the function imx8mp_blk_ctrl_remove. The manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2025-21668. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.69/6.12.8. It has been rated as problematic. This affects an unknown function of the component gve. This manipulation causes divide by zero. This vulnerability appears as CVE-2024-57932. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been declared as problematic. Affected by this vulnerability is the function dm_bm_read_lock of the file /dev/sdc. The manipulation results in improper initialization. This vulnerability was named CVE-2024-57929. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9. It has been classified as critical. This impacts the function list_empty_rcu in the library rculist.h. This manipulation causes null pointer dereference. This vulnerability is registered as CVE-2025-21664. The attack requires access to the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected by this issue is some unknown functionality of the component sch_cake. Performing manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2025-21647. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.1. Affected by this issue is the function smp_call_function_many_cond+0x42c/0x436 of the component perf. Executing manipulation can lead to information disclosure. This vulnerability is tracked as CVE-2023-52839. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.7.11/6.8.2. It has been rated as critical. The affected element is an unknown function of the component debugfs. Performing manipulation results in deadlock. This vulnerability is identified as CVE-2024-35793. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability labeled as problematic has been found in Linux Kernel up to 6.1.80/6.6.20/6.7.8. This issue affects the function mctp_local_output of the component net. Executing manipulation can lead to memory leak. This vulnerability is tracked as CVE-2024-27418. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability labeled as critical has been found in Linux Kernel up to 5.15.152/6.1.82/6.6.22/6.7.10/6.8.1. The affected element is the function mtk_ppe_stop of the component Ethernet. Executing manipulation can lead to denial of service. This vulnerability is registered as CVE-2024-27432. The attack requires access to the local network. No exploit is available. The affected component should be upgraded.

A vulnerability described as critical has been identified in Linux Kernel up to 6.6.22/6.7.10/6.8.1. This affects an unknown function of the component iwlwifi. The manipulation results in denial of service. This vulnerability is reported as CVE-2024-27434. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.6.71/6.12.9. Impacted is an unknown function of the component hwmon. Such manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2025-21656. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.