CVEs from 2025
Total
8,956
critical
critical 1,368
high
high 2,067
medium
medium 2,068
low
low 204
% Critical
15.3%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-38344 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I w… | |||
| CVE-2025-38313 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the deallocations are done but, in the process, in… | |||
| CVE-2025-40276 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Flush shmem writes before mapping buffers CPU-uncached The shmem layer zeroes out the new pages using cached mapping… | |||
| CVE-2025-40362 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not… | |||
| CVE-2025-40267 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early… | |||
| CVE-2025-38341 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retains the own… | |||
| CVE-2025-38315 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btintel_dsbr is already known, we can just start t… | |||
| CVE-2025-38227 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtv_mu… | |||
| CVE-2025-38311 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iavf: get rid of the crit lock Get rid of the crit lock. That frees us from the error prone logic of try_locks. Thanks to netdev… | |||
| CVE-2025-22037 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in alloc_preauth_hash() The Client send malformed smb2 negotiate request. ksmbd return error … | |||
| CVE-2025-40260 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix scx_enable() crash on helper kthread creation failure A crash was observed when the sched_ext selftests runner was… | |||
| CVE-2025-21649 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices Currently, HIP08 devices does not register the ptp devices, so the… | |||
| CVE-2025-39814 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset when the driver is loaded without RDMA support… | |||
| CVE-2025-37827 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in _… | |||
| CVE-2025-40255 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() The ethtool tsconfig Netlink path can trigger a null pointer dere… | |||
| CVE-2025-40249 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput() on a file descriptor, the … | |||
| CVE-2025-38181 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocatin… | |||
| CVE-2025-10892 | unknown | — | — | — | Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-10200 | unknown | — | — | — | Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severi… | |||
| CVE-2025-10890 | unknown | — | — | — | Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-68221 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix address removal logic in mptcp_pm_nl_rm_addr Fix inverted WARN_ON_ONCE condition that prevented normal address removal… | |||
| CVE-2025-8580 | unknown | — | — | — | Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2025-40241 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes,… | |||
| CVE-2025-40236 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: virtio-net: zero unused hash fields When GSO tunnel is negotiated virtio_net_hdr_tnl_from_skb() tries to initialize the tunnel me… | |||
| CVE-2025-38309 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creati… | |||
| CVE-2025-32364 | unknown | — | — | — | A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. | |||
| CVE-2025-38308 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avs_dai_find_path_template() shall be verified bef… | |||
| CVE-2025-39816 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths Since the buffers are mapped from userspace, it is pru… | |||
| CVE-2025-40228 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx alloc failure Patch series "mm/damon/sysfs: fix commit test damon_ctx [de]allocation". DAM… | |||
| CVE-2025-40227 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc commit test ctx always The damon_ctx for testing online DAMON parameters commit inputs is deallocated onl… | |||
| CVE-2025-38307 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parse_int_array() The first element of the returned array stores its length. If it i… | |||
| CVE-2025-38306 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks… | |||
| CVE-2025-40224 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(),… | |||
| CVE-2025-68370 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUX_EVENT of each CPU and is r… | |||
| CVE-2025-21771 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix incorrect autogroup migration detection scx_move_task() is called from sched_move_task() and tells the BPF schedul… | |||
| CVE-2025-38305 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() There is no disagreement that we should check both ptp->is_virtual_… | |||
| CVE-2025-40213 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete There is a BUG: KASAN: stack-out-of-bounds in set_mesh_sync due… | |||
| CVE-2025-40212 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsd_set_fh_dentry() nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the variou… | |||
| CVE-2025-10531 | unknown | — | — | — | Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability was fixed in Firefox 143 and Thunderbird 143. | |||
| CVE-2025-40210 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or… | |||
| CVE-2025-26843 | unknown | — | — | — | ||||
| CVE-2025-40208 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec:… | |||
| CVE-2025-22036 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after get_block When get_block is called with a buffer_head allocated on the stack, such as do… | |||
| CVE-2025-38304 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eir_get_service_data The len parameter is considered optional so it can be NULL so it ca… | |||
| CVE-2025-38034 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref btrfs_prelim_ref() calls the old and new reference variable… | |||
| CVE-2025-38147 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AF_INET sk. syzkaller reported a null-ptr-deref in txopt_get(). [0] The offset 0x70 wa… | |||
| CVE-2025-38303 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eir_create_adv_data eir_create_adv_data may attempt to add EIR_FLAGS and EIR_TX_POWER wit… | |||
| CVE-2025-6191 | unknown | — | — | — | Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-40203 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: listmount: don't call path_put() under namespace semaphore Massage listmount() and make sure we don't call path_put() under the n… | |||
| CVE-2025-40335 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args This will help on validating the userq input args, and rejecting for the invalid userq requ… | |||
| CVE-2025-40199 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix PP_MAGIC_MASK to avoid crashing on some 32-bit arches Helge reported that the introduction of PP_MAGIC_MASK let to… | |||
| CVE-2025-38302 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work Bios queued up in the zone write plug have already gone thr… | |||
| CVE-2025-38300 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() Fix two DMA cleanup issues on the error path in sun8i_c… | |||
| CVE-2025-40197 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be cleared after the device is released. | |||
| CVE-2025-38059 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid csum tree [BUG] When trying read-only scrub on a btrfs with rescue=idatacsums m… | |||
| CVE-2025-26845 | unknown | — | — | — | An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script. | |||
| CVE-2025-38379 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2_reconnect_server(), a dummy tcon is passed… | |||
| CVE-2025-40195 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mnt_ns_release() When calling in listmount() mnt_ns_release() may be passed a NULL pointer. Handle t… | |||
| CVE-2025-37925 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: inv… | |||
| CVE-2025-38298 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fix general protection fault After loading i10nm_edac (which automatically loads skx_edac_common), if unload onl… | |||
| CVE-2025-8043 | unknown | — | — | — | Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability was fixed in Firefox 141. | |||
| CVE-2025-40191 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd process ref leaking when userptr unmapping kfd_lookup_process_by_pid hold the kfd process reference to ensure… | |||
| CVE-2025-38297 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in em_compute_costs() When the device is of a non-CPU type, table[i].performance won… | |||
| CVE-2025-38532 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload,… | |||
| CVE-2025-38515 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spsc_queue_push and the run-job worker… | |||
| CVE-2025-8041 | unknown | — | — | — | In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141. | |||
| CVE-2025-8040 | unknown | — | — | — | Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort… | |||
| CVE-2025-38296 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPI: platform_profile: Avoid initializing on non-ACPI platforms The platform profile driver is loaded even on platforms that do … | |||
| CVE-2025-40190 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4_xattr_inode_update_ref() reads … | |||
| CVE-2025-21768 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the… | |||
| CVE-2025-39728 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsung_clk_init() With UBSAN_ARRAY_BOUNDS=y, I'm hitting the below panic due to dereferencing `… | |||
| CVE-2025-40189 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read_raw_eeprom Syzbot reported read of uninitialize… | |||
| CVE-2025-40184 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIG_NVHE_EL2_DEB… | |||
| CVE-2025-22030 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() w… | |||
| CVE-2025-40182 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize f… | |||
| CVE-2025-40175 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB usi… | |||
| CVE-2025-38290 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath12k_core_halt() only reinitializes th… | |||
| CVE-2025-64486 | unknown | — | — | — | calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesyst… | |||
| CVE-2025-37964 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr: There is a window in the mm switching code where t… | |||
| CVE-2025-40174 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix SMP ordering in switch_mm_irqs_off() Stephen noted that it is possible to not have an smp_mb() between the loaded_mm … | |||
| CVE-2025-37851 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum pa… | |||
| CVE-2025-38289 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp ojec… | |||
| CVE-2025-6436 | unknown | — | — | — | Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t… | |||
| CVE-2025-6435 | unknown | — | — | — | If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the us… | |||
| CVE-2025-38287 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cm_id has advanced to another … | |||
| CVE-2025-12436 | unknown | — | — | — | Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process … | |||
| CVE-2025-6434 | unknown | — | — | — | The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an except… | |||
| CVE-2025-6433 | unknown | — | — | — | If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in vi… | |||
| CVE-2025-22028 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .s_stream() for stopped entities Syzbot reported [1] a warning prompted by a check in call_s_stream() that chec… | |||
| CVE-2025-6431 | unknown | — | — | — | When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user… | |||
| CVE-2025-57109 | unknown | — | — | — | Kitware VTK (Visualization Toolkit) 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesse… | |||
| CVE-2025-52886 | unknown | — | — | — | Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count a… | |||
| CVE-2025-71129 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling convent… | |||
| CVE-2025-37781 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC paren… | |||
| CVE-2025-6428 | unknown | — | — | — | When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox … | |||
| CVE-2025-6427 | unknown | — | — | — | An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. Thi… | |||
| CVE-2025-5066 | unknown | — | — | — | Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via… | |||
| CVE-2025-40161 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fix SGI cleanup on unbind The driver incorrectly determines SGI vs SPI interrupts by checking IRQ number < 1… | |||
| CVE-2025-40162 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails devm_kasprintf() may return NULL on memory allocation failure, … | |||
| CVE-2025-38283 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS … |