NVD

Icon for New NVD Communications and Status Updates Page

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Legal Disclaimer:

Here is where you can read the NVD legal disclaimer.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2025-39698 - In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't ... read CVE-2025-39698
Published: September 05, 2025; 2:15:46 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39696 - In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv During the conversion to unify the calibration data management, the reference to tasdevice_priv was wrongly set to h->h... read CVE-2025-39696
Published: September 05, 2025; 2:15:46 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39695 - In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Flush delayed SKBs while releasing RXE resources When skb packets are sent out, these skb packets still depends on the rxe resources, for example, QP, sk, when these p... read CVE-2025-39695
Published: September 05, 2025; 2:15:46 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39690 - In the Linux kernel, the following vulnerability has been resolved: iio: accel: sca3300: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `channels` array is zeroed before use.
Published: September 05, 2025; 2:15:45 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39680 - In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer The data->block[0] variable comes from user. Without proper check, the variable may be very large to cause an out-o... read CVE-2025-39680
Published: September 05, 2025; 2:15:44 PM -0400

V3.1: 7.1 HIGH
CVE-2025-39679 - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). When the nvif_vmm_type is invalid, we will return error directly without freeing the args in nvif_vmm_ctor(), whi... read CVE-2025-39679
Published: September 05, 2025; 2:15:44 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39678 - In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL If metric table address is not allocated, accessing metrics_bin will result in a NULL pointer dereference, so add... read CVE-2025-39678
Published: September 05, 2025; 2:15:44 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39677 - In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal This issue applies for the following qdiscs: hhf, fq, fq_codel, and fq_pie, and occurs in their change handlers when ... read CVE-2025-39677
Published: September 05, 2025; 2:15:44 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39674 - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix ESI null pointer dereference ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is optional f... read CVE-2025-39674
Published: September 05, 2025; 2:15:43 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39711 - In the Linux kernel, the following vulnerability has been resolved: media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Both the ACE and CSI driver are missing a mei_cldev_disable() call in their remove() function. This ... read CVE-2025-39711
Published: September 05, 2025; 2:15:48 PM -0400

V3.1: 7.8 HIGH
CVE-2025-39708 - In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix NULL pointer dereference A warning reported by smatch indicated a possible null pointer dereference where one of the arguments to API "iris_hfi_gen2_handle_syst... read CVE-2025-39708
Published: September 05, 2025; 2:15:48 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39707 - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities HUBBUB structure is not initialized on DCE hardware, so check if it is NULL to avoid null dereference while... read CVE-2025-39707
Published: September 05, 2025; 2:15:47 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39705 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_d... read CVE-2025-39705
Published: September 05, 2025; 2:15:47 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39704 - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in send_ipi_data() Function kvm_io_bus_read() is called in function send_ipi_data(), buffer size of parameter *val should be at least 8... read CVE-2025-39704
Published: September 05, 2025; 2:15:47 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39700 - In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore migration request to invalid nodes damon_migrate_pages() tries migration even if the target node is invalid. If users mistakenly make such invalid r... read CVE-2025-39700
Published: September 05, 2025; 2:15:47 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39699 - In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevent NULL deref in iova_to_phys The riscv_iommu_pte_fetch() function returns either NULL for unmapped/never-mapped iova, or a valid leaf pte pointer that require... read CVE-2025-39699
Published: September 05, 2025; 2:15:46 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39750 - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Correct tid cleanup when tid setup fails Currently, if any error occurs during ath12k_dp_rx_peer_tid_setup(), the tid value is already incremented, even though the... read CVE-2025-39750
Published: September 11, 2025; 1:15:38 PM -0400

V3.1: 7.1 HIGH
CVE-2025-39748 - In the Linux kernel, the following vulnerability has been resolved: bpf: Forget ranges when refining tnum after JSET Syzbot reported a kernel warning due to a range invariant violation on the following BPF program. 0: call bpf_get_netns_cooki... read CVE-2025-39748
Published: September 11, 2025; 1:15:38 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39745 - In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels For built with CONFIG_PREEMPT_RT=y kernels, running rcutorture tests resulted in the following splat: [ 68.7... read CVE-2025-39745
Published: September 11, 2025; 1:15:37 PM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39744 - In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcu_read_unlock() deadloop due to IRQ work During rcu_read_unlock_special(), if this happens during irq_exit(), we can lockup if an IPI is issued. This is because the I... read CVE-2025-39744
Published: September 11, 2025; 1:15:37 PM -0400

V3.1: 7.1 HIGH

Created September 20, 2022 , Updated August 27, 2024

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Legal Disclaimer: