Vuldb Updates

A vulnerability classified as critical was found in Linux Kernel up to 5.15.196/6.1.158/6.6.118/6.12.60/6.17.10. This issue affects the function intel_punit_ioc. Executing a manipulation can lead to memory corruption. This vulnerability appears as CVE-2025-68303. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.17.10 and classified as critical. This affects the function afs_parse_source. Executing a manipulation can lead to privilege escalation. The identification of this vulnerability is CVE-2025-68299. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.60/6.17.10. Affected by this issue is the function lookup_mnt_ns. This manipulation causes improper update of reference count. This vulnerability is registered as CVE-2025-68300. The attack requires access to the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.17.10. It has been rated as critical. This affects the function skb_add_rx_frag_netmem of the component Atlantic Driver. Performing a manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2025-68301. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.12.60/6.17.10. It has been classified as critical. This vulnerability affects the function btusb_mtk_claim_iso_intf. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2025-68298. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.118/6.12.60/6.17.10. The affected element is the function process_v2_sparse_read of the component Ceph. Performing a manipulation results in state issue. This vulnerability is reported as CVE-2025-68297. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.17.10. It has been rated as critical. Impacted is the function cifs_construct_tcon of the component smb. This manipulation causes memory leak. This vulnerability is tracked as CVE-2025-68295. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.60/6.17.10. This vulnerability affects the function vga_switcheroo_client_fb_set. Performing a manipulation results in improper initialization. This vulnerability is reported as CVE-2025-68296. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.12.60/6.17.10. Impacted is the function hugetlb_add_to_page_cache of the component memfd. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2025-68292. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.60/6.17.10. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component huge_memory. Performing a manipulation results in null pointer dereference. This vulnerability is identified as CVE-2025-68293. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability described as critical has been identified in Linux Kernel up to 6.17.10. This affects an unknown part of the component io_uring. Such manipulation leads to buffer overflow. This vulnerability is documented as CVE-2025-68294. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.17.10. This impacts the function ioctl_sg01 of the component USB Protocol. The manipulation leads to memory leak. This vulnerability is documented as CVE-2025-68288. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17.10. This impacts an unknown function of the component MOST Driver. Executing a manipulation can lead to use after free. This vulnerability is tracked as CVE-2025-68290. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.17.10. Affected is the function f_eem of the component usb. The manipulation results in memory leak. This vulnerability is reported as CVE-2025-68289. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.12.60/6.17.10 and classified as critical. Affected is the function tcp_send_active_reset. Such manipulation leads to divide by zero. This vulnerability is referenced as CVE-2025-68291. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.17.10 and classified as critical. This impacts the function dwc3_remove_requests of the component usb. This manipulation causes use after free. The identification of this vulnerability is CVE-2025-68287. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17.10. This vulnerability affects the function kms_cursor_legacy of the component display. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-68286. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.158/6.6.118/6.12.60/6.17.10. This affects the function usb_gadget_state_work. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-68282. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.196/6.1.158/6.6.118/6.12.60/6.17.10. It has been declared as critical. This issue affects the function handle_auth_session_key of the component libceph. The manipulation of the argument len results in out-of-bounds write. This vulnerability is identified as CVE-2025-68284. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.17.10. The impacted element is the function have_mon_and_osd_map of the component libceph. Performing a manipulation results in use after free. This vulnerability is cataloged as CVE-2025-68285. The attack must originate from the local network. There is no exploit available. You should upgrade the affected component.