cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21699,https://securityvulnerability.io/vulnerability/CVE-2025-21699,GFS2 Inode Address Space Management Vulnerability in Linux Kernel,"A vulnerability exists in the Linux kernel related to the GFS2 file system's handling of inode address space when the GFS2_DIF_JDATA flag is toggled. This issue arises from the improper management of inode states, where the kernel may erroneously mix buffer heads with iomap_folio_state structures. Such a flaw could lead to inconsistencies in the inode's address space management, potentially causing data corruption or system instability.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:52:50.962Z,0
CVE-2025-21698,https://securityvulnerability.io/vulnerability/CVE-2025-21698,Linux Kernel Vulnerability Impacts Tegra Systems,"A recently addressed vulnerability in the Linux kernel has caused unexpected crashes on Tegra systems. This issue emerged due to changes made in the USB gadget layer, specifically related to managing the state of communication ports. The solution involved reverting a previous commit that unintentionally enabled null pointers, leading to system instability. As a result, users are advised to ensure their systems are updated to the latest kernel versions to mitigate potential disruptions.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:52:50.352Z,0
CVE-2024-57952,https://securityvulnerability.io/vulnerability/CVE-2024-57952,Directory Offset Vulnerability in Linux Kernel,"A vulnerability in the Linux kernel's handling of directory offsets can lead to the permanent disappearance of directory entries in specific scenarios. This occurs when the offset allocator wraps around on 32-bit platforms, resulting in the readdir(3) function's inability to list existing entries due to improper comparison logic introduced in a prior commit. The fix involves reverting a previous change to ensure proper handling of directory offsets on all architectures, particularly to prevent this issue from affecting older and low-capacity systems.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:52:45.229Z,0
CVE-2025-21697,https://securityvulnerability.io/vulnerability/CVE-2025-21697,Linux Kernel Vulnerability in DRM V3D Driver Impacting Device Stability,"In the Linux kernel, a vulnerability exists in the DRM V3D driver related to the handling of job pointers. Upon job completion, the driver fails to set the corresponding pointer to NULL, resulting in misleading warnings during driver unloading that suggest the job is still active. This oversight can lead to stability issues within the device, as improper job state management may cause unforeseen behavior or crashes. To enhance device reliability, it is essential to ensure that the job pointer is properly nullified following job completion.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:27:55.488Z,0
CVE-2025-21696,https://securityvulnerability.io/vulnerability/CVE-2025-21696,Linux Kernel Memory Management Inconsistency in Userfaultfd Implementation,"A vulnerability exists in the Linux kernel's handling of memory management, specifically during the mremap() system call for memory regions registered with userfaultfd. An inconsistency arises when the uffd-wp (userfaultfd write-protection) flag is not properly cleared in the page table entries (PTE) and page middle directories (PMD) after a memory remapping operation. This mismatch can lead to erroneous behaviors, such as inappropriate settings of writable permissions, resulting in warnings in page_table_check_pte_flags(). To mitigate this issue, it's crucial that the kernel consistently clears the uffd-wp flags, ensuring alignment between the virtual memory area (VMA) flags and the PTE/PMD flags across all relevant paths, including PTE, huge PMD, and hugetlb implementations.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:27:54.905Z,0
CVE-2025-21695,https://securityvulnerability.io/vulnerability/CVE-2025-21695,Race Condition Vulnerability in Linux Kernel Affects Dell Products,"A race condition vulnerability exists in the Linux kernel impacting Dell devices due to improper ordering in the dell_uart_bl_serdev_probe() function. This flaw occurs when devm_serdev_device_open() is invoked prior to setting the client operations, leading to a potential NULL pointer dereference in the serdev controller's receive_buf handler. The kernel assumes that the client operations are valid when the SERPORT_ACTIVE state is activated. To mitigate this issue, it is crucial to sequence these operations correctly, ensuring that the client ops are established before opening the device, thereby preventing any unintended behavior or system instability.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:27:54.344Z,0
CVE-2025-21694,https://securityvulnerability.io/vulnerability/CVE-2025-21694,Linux Kernel Softlockup in kdump Memory Processing,"In the Linux kernel, an issue was identified concerning softlockups during kdump memory processing. While improvements were made to reduce softlockups with a recent commit, occurrences still arise, particularly in memory-constrained environments where kdump operates. These softlockups can disrupt critical functions such as RCU memory freeing, effectively hindering the dump process. To mitigate this, a new condition for rescheduling was introduced in the second loop of the __read_vmcore function, aiming to enhance responsiveness during data write operations.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:27:53.763Z,0
CVE-2024-57951,https://securityvulnerability.io/vulnerability/CVE-2024-57951,CPU State Handling Vulnerability in Linux Kernel by The Linux Foundation,"A vulnerability exists within the Linux kernel's handling of CPU states during hotplug operations. This issue arises when a CPU transitions through various states, particularly from online to unplugged and back. The hrtimers_prepare_cpu() function fails to execute, resulting in the hrtick being incorrectly assumed as active, which can lead to the clockevent device becoming permanently stuck in a mode that hampers its functionality. Additionally, the CPU's online state may not be properly reset, causing potential instability with dangling pointers. To mitigate this risk, a callback mechanism has been introduced to properly reset the CPU state and ensure consistent behavior during hotplug processes.",Linux,Linux,,,0.01,false,,false,false,false,,false,false,false,,2025-02-12T13:27:53.124Z,0
CVE-2025-21693,https://securityvulnerability.io/vulnerability/CVE-2025-21693,Linux Kernel Vulnerability in zswap Resource Management,"A resource management flaw exists in the Linux kernel's zswap mechanism. This vulnerability arises during CPU hotunplug operations, where a situation can occur that leads to the use-after-free (UAF) condition. Specifically, when utilizing the crypto_acomp API in zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx can lead to complications if the original CPU is removed while resources are in use. If the acomp_ctx's resources are freed during the hotunplug process, it results in critical failures. The vulnerability necessitated refinements in the synchronization process to ensure safe management of resources across CPU hotplug events.",Linux,Linux,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-10T15:58:49.056Z,0
CVE-2025-21692,https://securityvulnerability.io/vulnerability/CVE-2025-21692,Out-Of-Bound Indexing Vulnerability in Linux Kernel Affecting Network Scheduling,"A vulnerability in the Linux kernel's network scheduling component (ets_class_from_arg function) allows indexing of an out-of-bound class when a specific argument is passed. This flaw can lead to local privilege escalation, enabling attackers to execute arbitrary code with elevated privileges. The issue arises when the class identifier (clid) is set to 0, leading to potential system compromises. Recent patches have addressed this vulnerability, ensuring that the affected versions of the Linux kernel maintain integrity against such exploits.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-10T15:58:48.087Z,0
CVE-2025-21691,https://securityvulnerability.io/vulnerability/CVE-2025-21691,Linux Kernel Page Cache Statistics Vulnerability in Cachestat System Call,"A vulnerability in the Linux kernel's cachestat system call allows unauthorized access to page cache statistics. Initially designed for improved performance, the cachestat function failed to implement proper checks for writability and ownership, leaving it susceptible to exploitation. This oversight mirrors a previously resolved issue in the mincore system call and necessitates careful attention to ensure proper file context checks are enforced.",Linux,Linux,,,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-10T15:58:47.219Z,0
CVE-2025-21690,https://securityvulnerability.io/vulnerability/CVE-2025-21690,Denial of Service Vulnerability in Linux Kernel SCSI Components,"A vulnerability has been identified within the Linux kernel's SCSI components that could lead to a denial of service condition. If persistent errors occur within the hypervisor, warning logs related to failed I/O operations may generate excessively, flooding the kernel log. This excessive logging can result in maxing out CPU utilization, ultimately hindering troubleshooting efforts from the virtual machine (VM) perspective. The fix introduces a ratelimit on the SCSI warning logs to prevent this flooding and reduce the potential impact on VM performance.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-10T15:58:46.392Z,0
CVE-2025-21689,https://securityvulnerability.io/vulnerability/CVE-2025-21689,Null Pointer Dereference in Linux Kernel USB Serial Quatech2 Driver,"A vulnerability in the USB Serial Quatech2 Driver of the Linux kernel arises from an incorrect bounds check in the qt2_process_read_urb() function. This flaw can lead to a null pointer dereference if the 'newport' variable exceeds the valid range of available ports. Specifically, when 'newport' matches the upper bound of the 'serial->num_ports', an out-of-bounds assignment causes the 'port' variable to dereference a NULL pointer. A patch has been implemented to rectify this issue by adjusting the conditional check to ensure 'newport' does not exceed the valid index range.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-10T15:58:45.493Z,0
CVE-2025-21688,https://securityvulnerability.io/vulnerability/CVE-2025-21688,Race Condition in Linux Kernel's DRM v3d Component Affecting Raspberry Pi Products,"A race condition exists in the DRM v3d component of the Linux kernel, where the job pointer is assigned NULL post-job completion. This can lead to a NULL pointer dereference if the IRQ execution thread signals the fence just as a new job starts executing, potentially causing the system to crash when the GPU interrupts. This vulnerability affects various Raspberry Pi models running the impacted Linux kernel versions.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-10T15:58:44.717Z,0
CVE-2025-21687,https://securityvulnerability.io/vulnerability/CVE-2025-21687,Linux Kernel Vulnerability with VFIO Platform Read/Write Syscall Checks,"A vulnerability exists in the Linux kernel's VFIO platform due to inadequate validation of parameters passed from user space through read/write syscalls. Specifically, while the offset is limited to 40 bits, the count parameter lacks proper bounds checking, enabling an attacker to read from or write to memory locations outside the intended device bounds. This oversight could lead to data corruption or unauthorized access to sensitive data, making it critical for system administrators to apply the necessary updates to safeguard their systems.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-10T15:58:43.944Z,0
CVE-2025-21686,https://securityvulnerability.io/vulnerability/CVE-2025-21686,Linux Kernel io_uring Buffer Accounting Vulnerability,"A vulnerability in the Linux kernel's io_uring implementation allows improper accounting of cloned buffers between different memory management instances. When buffers are cloned from one io_uring instance to another, there can be discrepancies in memory counting. If the first io_uring instance is closed while the second is still active, the second instance may incorrectly decrement memory counters associated with the first, potentially leading to negative values in memory locking. This can disrupt the expected performance and resource management of the system, impacting application stability and security.",Linux,Linux,,,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-10T15:58:43.005Z,0
CVE-2024-57950,https://securityvulnerability.io/vulnerability/CVE-2024-57950,Denominator Initialization Vulnerability in Linux Kernel Affecting AMD Graphics,"A vulnerability exists in the Linux kernel related to the AMD graphics display system, where certain denominator variables were not properly initialized. If these variables are left to default values, they risk being assigned a zero value, which can lead to a DIVIDE_BY_ZERO error. This issue has been addressed to ensure that denominator defaults to a non-zero value, safeguarding the functionality of the graphics driver and enhancing system stability.",Linux,Linux,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-10T15:58:42.107Z,0
CVE-2025-21685,https://securityvulnerability.io/vulnerability/CVE-2025-21685,Race Condition in Lenovo Yoga Tab 2 Pro Fast Charger Component,"A race condition exists in the 'yt2_1380_fc_serdev_probe()' function of the Lenovo Yoga Tab 2 Pro's fast charger component, where the function calls 'devm_serdev_device_open()' prior to setting the client operations via 'serdev_device_set_client_ops()'. This improper sequencing can lead to a NULL pointer dereference in the receive_buf handler of the serdev controller, resulting in potential system instability. The vulnerability is akin to a previous issue addressed in related bugs, where device initialization was insufficient before enabling critical operations. To mitigate this vulnerability, the fix ensures that client operations are properly configured before enabling the device port.",Linux,Linux,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-09T11:37:25.264Z,0
CVE-2025-21684,https://securityvulnerability.io/vulnerability/CVE-2025-21684,Spinlock Vulnerability in Xilinx GPIO Driver for Linux Kernel,"The Xilinx GPIO Driver for the Linux kernel has a vulnerability where irq_chip functions can be incorrectly called in a raw spinlock context. This required the internal locking mechanism to also utilize a raw spinlock. The issue has led to problematic wait contexts that can result in system instability or unwanted behavior during interrupt handling. The fix ensures that the driver correctly handles lock acquisition and context management, enhancing the reliability and security of the GPIO interface.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-09T11:37:24.610Z,0
CVE-2024-57949,https://securityvulnerability.io/vulnerability/CVE-2024-57949,Linux Kernel Interrupt Management Vulnerability in GIC-v3 ITS,"A vulnerability in the Linux kernel's GIC-v3 ITS arises from improper interrupt management within the irq_set_vcpu_affinity function. Specifically, this issue occurs in a nested interrupt-disabled context, where interrupts can be inadvertently enabled due to the incorrect use of guard functions. The problem was introduced in a recent commit that changed the locking mechanism, leading to potential system instability and unexpected behaviors. It is essential for system administrators to apply the latest patches to mitigate this vulnerability and ensure the integrity and reliability of their systems.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-09T11:37:23.906Z,0
CVE-2023-52925,https://securityvulnerability.io/vulnerability/CVE-2023-52925,Linux Kernel Vulnerability in Netfilter Affecting Nftables Functionality,"A vulnerability in the Linux kernel's netfilter component allows for incorrect handling of expired duplicate entries during insertion operations in nftables. This flaw, linked to the mishandling of expired elements, has the potential to disrupt the expected behavior of nftables' element activation and deletion processes, posing risks to system stability and security. Furthermore, the implementation asymmetry observed in nft_pipapo_activate and other element handlers could lead to unintended consequences in how duplicate elements are processed. It is crucial for users to apply the latest updates to ensure that expired entries are properly ignored, maintaining the integrity of the kernel's netfilter functionality.",Linux,Linux,6.2,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-02-05T09:07:56.434Z,0
CVE-2023-52924,https://securityvulnerability.io/vulnerability/CVE-2023-52924,Linux Kernel Netfilter Vulnerability in Verdict Maps,"This vulnerability in the Linux kernel's netfilter component relates to a flaw in how the system handles the life cycle of verdict map set elements. When operating with timeouts enabled, a problematic sequence occurs between the set removal in userspace and the kernel's walk processes. If an element in the verdict map has expired, it gets skipped during the list traversal, preventing the update of the chain use count. This oversight can result in a WARN splat when removal is attempted later, ultimately leading to memory leaks and instability within the nft_chain structure. The flaw underscores the importance of appropriate management of element states within the kernel to ensure system integrity.",Linux,Linux,,,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-02-05T09:07:55.418Z,0
CVE-2025-21683,https://securityvulnerability.io/vulnerability/CVE-2025-21683,Memory Leak in Linux Kernel's TCP Socket with SO_ATTACH_REUSEPORT_EBPF,"A vulnerability exists in the Linux kernel that affects TCP socket handling when using the SO_ATTACH_REUSEPORT_EBPF option. A memory leak can occur when a TCP socket, previously marked for reuse with this option, becomes established. The issue arises due to improper reference counting, leading to an unreferenced object in memory. This can facilitate resource exhaustion and potential system performance degradation, especially in high-traffic environments. The fix involves ensuring that socket references are appropriately handled in both error and normal processing paths, preventing memory leaks associated with TCP socket reuse.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,false,false,false,,2025-01-31T11:25:42.903Z,0
CVE-2025-21682,https://securityvulnerability.io/vulnerability/CVE-2025-21682,Linux Kernel Vulnerability in BNXT Driver Reconfiguration Process,"A vulnerability exists in the Linux kernel's BNXT driver where a null pointer dereference can occur during the reconfiguration of network device features when the eXpress Data Path (XDP) is detached. This issue arises when there is a failure to re-enable hardware offloading features correctly after detaching XDP, leading to unpredictable states in the driver. Specifically, the driver does not manage simultaneous configuration changes robustly, resulting in potential crashes due to access attempts to freed memory. The problem is rooted in the changes introduced with the XDP feature and affects systems utilizing this driver.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-31T11:25:42.160Z,0
CVE-2025-21681,https://securityvulnerability.io/vulnerability/CVE-2025-21681,Infinite Loop Vulnerability in Open vSwitch Affecting Linux Kernel,"In the Linux kernel, a vulnerability was identified in Open vSwitch related to the transmission of packets to unregistering network devices. When a device is being unregistered, the 'real_num_tx_queues' can drop to zero, potentially leading to an infinite loop in the skb_tx_hash function. This condition can occur even when the device reports a carrier status of OK, particularly with the net/dummy device, which does not implement necessary state changes during unregistration. Consequently, encountering this flaw could lock the core indefinitely, and the only recourse is to reboot the system. The vulnerability has been addressed by requiring checks on both the device's running status and carrier state, ensuring better handling during the unregistration process.",Linux,Linux,,,0.00044999999227002263,false,,false,false,false,,false,false,false,,2025-01-31T11:25:41.491Z,0