cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21683,https://securityvulnerability.io/vulnerability/CVE-2025-21683,Memory Leak in Linux Kernel's TCP Socket with SO_ATTACH_REUSEPORT_EBPF,"A vulnerability exists in the Linux kernel that affects TCP socket handling when using the SO_ATTACH_REUSEPORT_EBPF option. A memory leak can occur when a TCP socket, previously marked for reuse with this option, becomes established. The issue arises due to improper reference counting, leading to an unreferenced object in memory. This can facilitate resource exhaustion and potential system performance degradation, especially in high-traffic environments. The fix involves ensuring that socket references are appropriately handled in both error and normal processing paths, preventing memory leaks associated with TCP socket reuse.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,false,false,false,,2025-01-31T11:25:42.903Z,0
CVE-2025-21682,https://securityvulnerability.io/vulnerability/CVE-2025-21682,Linux Kernel Vulnerability in BNXT Driver Reconfiguration Process,"A vulnerability exists in the Linux kernel's BNXT driver where a null pointer dereference can occur during the reconfiguration of network device features when the eXpress Data Path (XDP) is detached. This issue arises when there is a failure to re-enable hardware offloading features correctly after detaching XDP, leading to unpredictable states in the driver. Specifically, the driver does not manage simultaneous configuration changes robustly, resulting in potential crashes due to access attempts to freed memory.
The problem is rooted in the changes introduced with the XDP feature and affects systems utilizing this driver.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-31T11:25:42.160Z,0
CVE-2025-21681,https://securityvulnerability.io/vulnerability/CVE-2025-21681,Infinite Loop Vulnerability in Open vSwitch Affecting Linux Kernel,"In the Linux kernel, a vulnerability was identified in Open vSwitch related to the transmission of packets to unregistering network devices. When a device is being unregistered, the 'real_num_tx_queues' can drop to zero, potentially leading to an infinite loop in the skb_tx_hash function. This condition can occur even when the device reports a carrier status of OK, particularly with the net/dummy device, which does not implement necessary state changes during unregistration. Consequently, encountering this flaw could lock the core indefinitely, and the only recourse is to reboot the system. The vulnerability has been addressed by requiring checks on both the device's running status and carrier state, ensuring better handling during the unregistration process.",Linux,Linux,,,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:41.491Z,0
CVE-2025-21680,https://securityvulnerability.io/vulnerability/CVE-2025-21680,Out-of-Bounds Access Vulnerability in Linux Kernel's Packet Generator Component,"An out-of-bounds access vulnerability exists in the Linux kernel's pktgen module, which can occur when a user provides an excessive number of imix entries. The flaw arises due to insufficient boundary checks, potentially resulting in access to invalid memory locations within the pkt_dev->imix_entries array. This vulnerability was identified in the Linux Kernel version 6.10.0-rc1 and can compromise system stability and security if exploited.
Proper validation is required to prevent improper array access during operations related to packet generation.",Linux,Linux,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:40.831Z,0
CVE-2025-21679,https://securityvulnerability.io/vulnerability/CVE-2025-21679,Memory Access Vulnerability in Linux Kernel Affecting Btrfs,"A vulnerability in the Linux kernel's Btrfs file system arises from inadequate error handling within the get_canonical_dev_path() function. When the d_path() function fails and returns an error, it can lead to an invalid memory access during the subsequent strscpy() call, potentially allowing for unexpected behavior or crashes. Proper error handling has been added to mitigate this issue, ensuring the stability and security of the Linux kernel.",Linux,Linux,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-31T11:25:40.171Z,0
CVE-2025-21678,https://securityvulnerability.io/vulnerability/CVE-2025-21678,Device Management Flaw in Linux Kernel's GTP Implementation by The Linux Foundation,"A vulnerability exists in the GTP implementation of the Linux Kernel that affects the device management process related to UDP sockets within network namespaces. Specifically, the GTP interface does not properly associate the device with the correct network namespace after the UDP socket is created. This flaw leads to potential resource management instability when the source network namespace is removed, causing system instability and potential crashes.
It is crucial that the Linux kernel's handling of GTP devices and sockets is reviewed and updated to ensure proper linkage and cleanup to prevent such issues.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-01-31T11:25:39.500Z,0
CVE-2025-21677,https://securityvulnerability.io/vulnerability/CVE-2025-21677,Buffer Overflow in Linux Kernel Affecting Network Namespace Handling,"A vulnerability exists in the Linux Kernel's handling of network namespaces, specifically in the PFCP (Packet Forwarding Control Protocol) device management. The issue arises when a PFCP device, linked to a UDP socket across different network namespaces, persists even after the original network is removed. This can lead to unforeseen system behavior and potential stability issues during the cleanup processes of network namespaces. The flaw necessitates enhanced iterations to ensure the correct deallocation of devices and resolves concerns around resource management in a multi-namespace environment. Mitigating this vulnerability is crucial for maintaining the integrity and performance of networking operations within the Linux system.",Linux,Linux,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-31T11:25:38.809Z,0
CVE-2025-21676,https://securityvulnerability.io/vulnerability/CVE-2025-21676,Memory Management Issue in Linux Kernel's FEC Driver,"A vulnerability exists in the Linux kernel's FEC driver where the fec_enet_update_cbd function fails to properly manage memory allocation errors. Specifically, when calling the page_pool_dev_alloc_pages function, a NULL pointer can be used — which leads to system crashes under memory pressure. This issue may not occur frequently but can surface during high-load scenarios, such as writing over a SMB share.
The proper fix involves dropping the current packet when a memory allocation error is detected to ensure system stability.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:38.126Z,0
CVE-2025-21675,https://securityvulnerability.io/vulnerability/CVE-2025-21675,Kernel Vulnerability in the Linux Kernel Affecting Multiple Network Components,"A vulnerability in the Linux kernel's mlx5 network components allows a NULL pointer dereference, potentially leading to system crashes. If port selection structure fails to initialize correctly, it results in double destruction of lag definers. This creates stale values in the system, triggering a kernel crash and unstable behavior in network operations. Proper error handling and port state management are crucial to mitigate these issues.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:37.457Z,0
CVE-2025-21674,https://securityvulnerability.io/vulnerability/CVE-2025-21674,Linux Kernel Vulnerability in IPsec Tunnel Mode Affecting Multiple Versions,"The Linux kernel vulnerability arises from an improper locking mechanism when enabling IPsec packet offload in tunnel mode, potentially triggering a kernel panic. This is caused by a sequence of lock dependencies that could result in a deadlock scenario. Specifically, an issue exists in the SA add section where the appropriate _bh() variant should be employed for marking SA mode, while the flush_workqueue in the SA delete routine is deemed unnecessary.
This vulnerability calls for immediate attention to avoid service interruptions and maintain network security.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:36.661Z,0
CVE-2025-21673,https://securityvulnerability.io/vulnerability/CVE-2025-21673,Double Free Vulnerability in Linux Kernel CIFS Client,"A vulnerability has been identified in the CIFS client of the Linux Kernel, where a double free scenario occurs due to improper management of the TCP_Server_Info::hostname during server shutdown. In the cifs_put_tcp_session() function, if the cifsd thread attempts to reconnect to multiple DFS targets, it may not realize it should exit the loop, leading to potential memory corruption. This can result in critical errors and application crashes, emphasizing the importance of applying patches and updates to maintain system security.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:35.922Z,0
CVE-2025-21672,https://securityvulnerability.io/vulnerability/CVE-2025-21672,Linux Kernel Vulnerability in AFS Component,"A vulnerability in the Linux kernel's AFS component was identified, which results in a failure to properly release held inode locks when returning to user space. This issue arises when the argument count is less than zero, leading to a direct return from the function without cleaning up. The bug has been addressed by modifying the error handling to store the error code and appropriately cleanup the held locks, preventing potential deadlock scenarios.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-31T11:25:35.246Z,0
CVE-2025-21671,https://securityvulnerability.io/vulnerability/CVE-2025-21671,Use After Free Vulnerability in Linux Kernel's Zram Component,"The vulnerability involves a potential use after free issue in the Zram component of the Linux kernel.
If the initialization of zram_meta_alloc fails early, the allocated memory for zram->table is freed but not set to NULL. This can result in a scenario where zram_meta_free could try to access the table, leading to undefined behavior or security risks if a user resets a failed and uninitialized device.",Linux,Linux,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:34.546Z,0
CVE-2025-21670,https://securityvulnerability.io/vulnerability/CVE-2025-21670,Null Pointer Dereference Vulnerability in Linux Kernel vsock Related Functions,"A vulnerability in the Linux kernel's vsock handling can cause a null pointer dereference error due to the absence of an assigned transport. If a socket is in a state where the transport is not set, such as after a connection failure, it may lead to unsafe kernel operations. This flaw can be triggered in various situations, particularly during socket message retrieval, and poses a risk of system instability and unexpected behaviors. To mitigate this risk, it is crucial to ensure checks on the transport layer are properly implemented.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:33.874Z,0
CVE-2025-21669,https://securityvulnerability.io/vulnerability/CVE-2025-21669,Linux Kernel Vulnerability Affecting Socket Transport Management,"In the Linux kernel, a flaw in the vsock/virtio component may result in unintended behavior when socket assignments change. Specifically, if a socket is either de-assigned or reassigned, any incoming packets could lead to a NULL pointer dereference if `vsk->transport` is not properly validated. This issue can arise under conditions where a first connection attempt is disrupted and a subsequent attempt fails, leaving `vsk->transport` set to NULL. The implications of this vulnerability could lead to application instability and security risks.
It is essential for users running affected Linux kernel versions to apply the latest security updates to mitigate potential threats.",Linux,Linux,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-01-31T11:25:33.185Z,0
CVE-2025-21668,https://securityvulnerability.io/vulnerability/CVE-2025-21668,Out-of-Bounds Exception in Linux Kernel Affecting imx8mp_blk_ctrl Module,"A vulnerability exists in the imx8mp_blk_ctrl component of the Linux kernel, where a missing loop break condition in the imx8mp_blk_ctrl_remove() function can lead to an out-of-bounds exception. This flaw may cause the system to behave unexpectedly, potentially compromising the stability and security of the affected device. The issue arises when the removal process does not exit correctly, which could be exploited in a scenario where device shutdown is improperly managed. Users are encouraged to update to patched versions of the kernel to mitigate any risks associated with this defect.",Linux,Linux,,,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:32.477Z,0
CVE-2025-21667,https://securityvulnerability.io/vulnerability/CVE-2025-21667,Linux Kernel Vulnerability in iomap Affecting XFS Filesystem,"A vulnerability in the Linux kernel's handling of file operations, specifically within the iomap subsystem, could result in issues when embedded in 32-bit architectures. The function iomap_write_delalloc_scan() improperly utilized a 32-bit position derived from folio_next_index(), leading to potential infinite loops during write operations on XFS filesystems.
This flaw emphasizes the importance of appropriate data type management to prevent unexpected behavior during file writes.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,false,false,false,,2025-01-31T11:25:31.792Z,0
CVE-2025-21666,https://securityvulnerability.io/vulnerability/CVE-2025-21666,Null Pointer Dereference Vulnerability in Linux Kernel vsock,"A vulnerability has been identified in the Linux kernel related to the vsock implementation, where certain functions can be invoked on de-assigned vsock sockets. This might lead to null pointer dereference issues when checking for data availability. The recent changes ensure that instead of dereferencing a null pointer, the system now returns zero while logging a warning for debugging purposes. This design aims to preserve the operational integrity of the kernel while addressing potential future instances of similar vulnerabilities.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,false,false,false,,2025-01-31T11:25:31.138Z,0
CVE-2025-21665,https://securityvulnerability.io/vulnerability/CVE-2025-21665,Linux Kernel Vulnerability Leading to Infinite Loop on XFS Filesystem,"A vulnerability in the Linux kernel's file handling mechanism caused 32-bit truncation of a 64-bit offset, specifically within the folio_seek_hole_data() function. This oversight can potentially trigger an infinite loop when operations are performed on XFS filesystems, leading to system instability and performance issues.
It’s crucial for users and administrators to be aware of this issue and apply appropriate patches to prevent exploitation.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,false,false,false,,2025-01-31T11:25:30.468Z,0
CVE-2024-57948,https://securityvulnerability.io/vulnerability/CVE-2024-57948,Memory Corruption in Linux Kernel 802.15.4 Interface Management,"A vulnerability in the Linux kernel's handling of IEEE 802.15.4 network interfaces can lead to memory corruption. The issue arises when an IEEE 802.15.4 network interface is improperly deleted after the associated hardware device has been unregistered. Specifically, during the interface removal process, checks for local interfaces must be performed to prevent manipulation of a corrupted data list. Failure to do so can result in significant system instability and potential exploitation. This flaw has been reported and fixed in the Linux kernel, ensuring enhanced stability and security in future updates.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-01-31T11:25:29.762Z,0
CVE-2024-57947,https://securityvulnerability.io/vulnerability/CVE-2024-57947,Buffer Initialization Issue in Linux Kernel Netfilter Leading to Set Matching Errors,"A vulnerability in the Linux kernel's Netfilter component affects the initial buffer initialization for pipapo map fills. The flaw occurs when the initial buffer is not properly set, leading to potential incorrect matching results when the size of the first element in a set is smaller than the maximum allowed size. This misconfiguration can cause improper results to propagate during subsequent rounds of matching, potentially compromising data integrity.
A follow-up patch has been introduced to improve the self-test script, ensuring more robust validation of this functionality.",Linux,Linux,,,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-23T13:54:20.267Z,0
CVE-2024-24423,https://securityvulnerability.io/vulnerability/CVE-2024-24423,Buffer Overflow Vulnerability in Linux Foundation Magma Software,"A buffer overflow has been identified in the Linux Foundation’s Magma software, specifically in the decode_esm_message_container function found in the EsmMessageContainer.cpp file. This vulnerability can be exploited by attackers, allowing them to send crafted NAS packets to the system, resulting in a Denial of Service (DoS). The issue affects versions up to 1.8.0 and has been resolved in version 1.9 as identified in commit 08472ba98b8321f802e95f5622fa90fec2dea486. Users are encouraged to upgrade to the latest version to mitigate potential risks.",Linux Foundation,Magma,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-24422,https://securityvulnerability.io/vulnerability/CVE-2024-24422,Stack Overflow Vulnerability in Magma by The Linux Foundation,"The Linux Foundation Magma product, versions prior to 1.9, has a vulnerability that enables attackers to trigger a stack overflow in the decode_protocol_configuration_options function, specifically located in /3gpp/3gpp_24.008_sm_ies.c. This issue can be exploited through a specially crafted NAS packet, leading to a Denial of Service (DoS), impacting service availability.",The Linux Foundation,Magma,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-24419,https://securityvulnerability.io/vulnerability/CVE-2024-24419,Buffer Overflow Vulnerability in Linux Foundation Magma Version <= 1.8.0,"A critical buffer overflow vulnerability has been identified in the Linux Foundation Magma up to version 1.8.0.
This issue resides in the decode_traffic_flow_template_packet_filter function, specifically located in the /3gpp/3gpp_24.008_sm_ies.c file. If exploited, this vulnerability could allow attackers to launch a Denial of Service (DoS) attack by sending specially crafted NAS packets, leading to system instability and disruption of service.",Linux Foundation,Magma,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-24418,https://securityvulnerability.io/vulnerability/CVE-2024-24418,Buffer Overflow Vulnerability in Linux Foundation Magma Software,"A buffer overflow has been identified in the Linux Foundation's Magma software, specifically in the decode_pdn_address function. This vulnerability, present in versions up to 1.8.0, can be exploited by attackers who send specially crafted NAS packets, resulting in a Denial of Service (DoS). The issue has been addressed in version 1.9, ensuring users can safeguard their systems against potential disruptions by upgrading promptly.",Linux Foundation,Magma,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0