Vulnerabilities > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2025-02-27 CVE-2025-21741 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the fixed-size NDP16 header.
local
low complexity
linux
7.1
2025-02-27 CVE-2025-21742 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the `wNdpIndex` value in NTH16.
local
low complexity
linux
7.1
2025-02-27 CVE-2025-21743 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength > U16_MAX.
local
low complexity
linux
7.1
2025-02-27 CVE-2025-21780 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().
local
low complexity
linux
7.8
2025-02-27 CVE-2025-21782 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write...
local
low complexity
linux
7.1
2025-02-27 CVE-2025-21785 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache.
local
low complexity
linux
7.8
2025-02-27 CVE-2025-21789 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization for 64-bit system") would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84 ("arm64: csum: Fix OoB access in IP checksum code for negative lengths") fixes the same issue on ARM64.
local
low complexity
linux
7.1
2025-02-27 CVE-2025-21791 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_out() Add rcu_read_lock() / rcu_read_unlock() pair to avoid a potential UAF.
local
low complexity
linux CWE-416
7.8
2025-02-27 CVE-2025-21794 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() Syzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from hid-thrustmaster driver.
local
low complexity
linux
7.1
2025-02-27 CVE-2025-21797 Use After Free vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The cancel_delayed_work_sync() call was missed, causing a use-after-free in corsair_void_remove().
local
low complexity
linux CWE-416
7.8