Skip to main content
CVE-2025-21764 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-58003 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ds90ub9x3: Fix extra fwnode_handle_put() The ub913 and ub953 drivers call fwnode_handle_put(priv->sd.fwnode) as part of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-54456 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of clnt->cl_program->name remains. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57984 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition In dw_i3c_common_probe, &master->hj_work is bound with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21812 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Google +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21739 HIGH PATCH This Week

Use-after-free in Linux kernel UFS driver (versions 6.14-rc1 and earlier) allows local authenticated attackers to achieve arbitrary code execution, information disclosure, or denial of service. The flaw occurs during driver initialization error handling and removal paths when the crypto profile structure is freed before the device cleanup handler runs. Patches available from kernel.org (commits 0c77c0d, 9c185be, f8fb240) and distributions (Red Hat RHSA-2025:20518, multiple SUSE advisories). EPSS score 0.04% indicates low observed exploitation probability; no public exploit code or CISA KEV listing confirmed.

Use After Free Memory Corruption Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21729 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion The rtwdev->scanning flag isn't protected by mutex originally,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Lenovo +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21714 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using __xa_cmpxchg() to make. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Use After Free Memory Corruption Linux Denial Of Service Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21734 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix copy buffer page size For non-registered buffer, fastrpc driver copies the buffer and pass it to the remote. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21724 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57998 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21796 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21772 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Linux
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-54458 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21800 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for HWS_SET32 macro is negative, UBSAN complains. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Linux Linux Kernel Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-58034 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Nvidia +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-58004 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: remove cpu latency qos request on error Fix cpu latency qos list corruption like below. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Intel Linux Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-49570 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-57990 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should be >= instead of > to prevent an out of bounds read. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21786 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: workqueue: Put the pwq after detaching the rescuer from the pool The commit 68f83057b913("workqueue: Reap workers via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21780 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-58013 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync This fixes the following crash:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Google Denial Of Service +3
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21756 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Linux Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-25759 HIGH This Week

An issue in the component admin_template.php of SUCMS v1.0 allows attackers to execute a directory traversal and arbitrary file deletion via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Path Traversal Sucms
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2025-1691 HIGH PATCH This Week

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Mongosh
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2025-22280 HIGH This Week

Missing Authorization vulnerability in revmakx DefendWP Firewall allows Exploiting Incorrectly Configured Access Control Security Levels.1.0. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2024-41335 HIGH This Week

Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-25333 HIGH This Week

An issue in IKEA CN iOS 4.13.0 allows attackers to access sensitive user information via supplying a crafted link. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure iOS
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-41338 HIGH This Week

A NULL pointer dereference in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Vigor165 Firmware Vigor166 Firmware Vigor2620 Firmware +17
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2024-41336 HIGH This Week

Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-25760 HIGH This Week

A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows attackers to access internal data and services via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF PHP Sucms
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-1756 HIGH PATCH This Week

mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Mongosh Codeready Linux Builder Eus Codeready Linux Builder For Arm64 Eus Codeready Linux Builder For Ibm Z Systems Eus +9
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-1755 HIGH This Week

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Compass Enterprise Linux For Arm 64 Enterprise Linux For Ibm Z Systems Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions +1
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-25761 HIGH This Week

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PHP Hkcms
NVD GitHub
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-2297 HIGH This Week

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

WordPress PHP RCE Privilege Escalation Bricks
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-23687 HIGH This Week

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in simonhunter Woo Store Mode allows Reflected XSS.0.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-1739 HIGH This Week

An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-58007 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-58014 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21719 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Buffer Overflow Linux
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21717 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq kvzalloc_node is not doing a runtime check on the. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-58015 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21789 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 ("LoongArch: Add checksum optimization. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21743 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21742 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Linux Buffer Overflow Apple Linux Kernel +3
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21741 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs to the amount that fits into the. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2024-57982 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21794 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() Syzbot[1] has detected a stack-out-of-bounds read. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21782 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefs_debug_write I got a syzbot report: slab-out-of-bounds Read in orangefs_debug_write... Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-21815 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
Prev Page 2 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy