Heap buffer out-of-bounds read vulnerability in the Linux kernel's dm-raid subsystem that allows a local attacker with unprivileged access to read sensitive kernel memory and cause a denial of service. The vulnerability exists in the raid_status function which incorrectly casts mddev->private pointers to struct r5conf regardless of actual RAID type, leading to invalid memory access when non-RAID4/5/6 configurations are used. While no public exploit or KEV status indicates active exploitation, the low-complexity attack vector and high information disclosure risk warrant prompt patching of affected kernel versions.
CVE-2022-50094 is a security vulnerability (CVSS 7.1). High severity vulnerability requiring prompt remediation. Vendor patch is available.
Use-after-free vulnerability in the Linux kernel's max20086 regulator driver where stack-allocated memory is passed to a device-managed deallocation function, causing invalid memory access when the device fails to probe. This affects users of max20086 power management hardware; an unprivileged local attacker can trigger device probe failure to cause a kernel memory access violation, potentially leading to information disclosure or denial of service.
Use-after-free / out-of-bounds memory access vulnerability in the Linux kernel's virtual terminal (vt) subsystem triggered when changing console fonts via the KDFONTOP ioctl. An unprivileged local attacker with console access can crash the kernel or potentially achieve information disclosure by exploiting improper selection buffer handling during font size changes. The vulnerability requires local access and user-level privileges, making it a moderate-to-high-risk issue affecting kernel versions prior to the fix.
Race condition vulnerability in the Linux kernel's ext4 filesystem that occurs between the bmap syscall and concurrent write operations. A local attacker with user-level privileges can trigger a kernel WARNING (WARN_ON_ONCE) by exploiting timing differences in inode state checks, potentially causing denial of service through kernel warning/panic or information disclosure. The vulnerability requires a local account and moderate timing precision to exploit.
CVE-2025-38051 is a security vulnerability (CVSS 7.0). High severity vulnerability requiring prompt remediation. Vendor patch is available.
A remote code execution vulnerability (CVSS 7.0). High severity vulnerability requiring prompt remediation. Vendor patch is available.
Use-after-free (UAF) vulnerability in the Linux kernel's binder IPC mechanism triggered by a race condition between transaction processing and process cleanup. An attacker with local access and limited privileges can trigger a kernel panic or potentially achieve code execution by exploiting the race between BINDER_TYPE_WEAK_HANDLE transaction failure and target process deferred release. The vulnerability affects Linux kernel versions prior to the fix being merged; there is no indication of active exploitation in the wild (KEV status unknown from provided data), but the local attack vector and CVSS 7.0 score warrant prompt patching.