Debian Security Vulnerabilities (CVEs)

A race condition vulnerability exists in the Linux kernel's SMB client implementation during rename operations. This allows concurrent file opens to i...

This CVE addresses a speculative execution side-channel vulnerability in the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem for x86 syste...

A reference counting bug in the Linux kernel's SMB client implementation could cause resource leaks when memory allocation fails during compound opera...

A slab-out-of-bounds memory access vulnerability in the Linux kernel's efivarfs filesystem allows attackers to cause kernel memory corruption through ...

This CVE describes a race condition in the Linux kernel's ftrace subsystem that can trigger a kernel warning when ftrace_dump is called concurrently w...

This CVE describes an uninitialized memory vulnerability in the Linux kernel's SCTP IPv6 implementation. When sin6_scope_id and sin6_flowinfo fields a...

A null pointer dereference vulnerability in the Linux kernel's HID ntrig driver allows local attackers to trigger a kernel page fault by sending craft...

This vulnerability allows a malicious HID device to trigger a slab out-of-bounds memory access in the Linux kernel's multitouch driver. Attackers coul...

A NULL pointer dereference vulnerability in the Linux kernel's VMCI subsystem allows local attackers to cause a general protection fault (GPF) and pot...

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ACPI processor idle driver. If exploited, it could cause a kernel pa...

This CVE addresses a kernel panic vulnerability in the Linux kernel's USB DWC3 driver. When 'panic_on_warn' is enabled, endpoint command timeouts duri...

A Linux kernel vulnerability in the UFS (Universal Flash Storage) driver for Exynos chipsets allows undefined behavior due to integer overflow when pr...

A double-free vulnerability in the Linux kernel's MHI host driver allows a malicious or compromised remote device to trigger memory corruption. This a...

VMSCAPE is a vulnerability in the Linux kernel that allows a malicious guest VM to poison branch predictors, potentially enabling speculative executio...

A Linux kernel vulnerability in the jbd2 journaling subsystem can cause softlockups (system hangs) when processing filesystem operations. This affects...

A use-after-free vulnerability in the Linux kernel's PCI endpoint subsystem allows local attackers to potentially crash the system or execute arbitrar...

A Linux kernel vulnerability in the bridge networking module allows a local attacker to cause a denial of service (soft lockup) by setting multicast q...

A use-after-free vulnerability in the Linux kernel's debug_vm_pgtable test module allows stale page table entries to persist after test completion. Wh...

A Linux kernel vulnerability where IPv6 packets with extension headers incorrectly request checksum offload on devices that only support NETIF_F_IPV6_...

A NULL pointer dereference vulnerability in the Linux kernel's hibmc DRM driver occurs when the driver fails to load properly. This can cause kernel c...

A Linux kernel vulnerability in the CAKE (Common Applications Kept Enhanced) queuing discipline causes incorrect congestion notification when packets ...

A memory allocation vulnerability in the Linux kernel occurs when file descriptor tables attempt to allocate more than INT_MAX bytes (2GB) due to high...

A Linux kernel vulnerability in the ALSA USB audio subsystem allows out-of-bounds memory access when processing malicious UAC3 audio device descriptor...

A race condition in the Linux kernel's Btrfs filesystem allows use-after-free of qgroup records when quota disable and quota rescan operations occur s...

This is a data race vulnerability in the Linux kernel's RCU (Read-Copy Update) subsystem where concurrent access to the ->defer_qs_iw_pending field co...

This CVE describes a race condition vulnerability in the Linux kernel's ARM Rockchip SMP initialization code that can cause kernel hangs during boot o...

A Linux kernel vulnerability in the JFS filesystem where inode pages aren't properly truncated when a hard link count reaches zero, potentially causin...

A divide-by-zero vulnerability in the Linux kernel's RDMA hfi1 driver could cause kernel panic or system crash when the find_hw_thread_mask() function...

This CVE describes a soft lockup vulnerability in the Linux kernel's kmemleak memory leak detector. When kmemleak disables itself due to memory exhaus...

A Linux kernel Btrfs filesystem vulnerability allows transaction aborts when relocating partially dropped subvolumes, causing filesystem corruption an...

This CVE describes a deadlock vulnerability in the Linux kernel's kmemleak memory leak detector. When netpoll is enabled, a specific code path can cau...

This CVE addresses a deadlock vulnerability in the Linux kernel's NTFS3 filesystem driver. The issue occurs when the driver attempts to acquire inode ...

This CVE is a Linux kernel vulnerability in the NFS (Network File System) subsystem where insufficient bounds checking in the nfs_fh_to_dentry() funct...

This CVE-2025-39716 is a privilege escalation vulnerability in the Linux kernel's parisc architecture implementation. It allows user-space programs to...

This CVE describes an out-of-bounds array access vulnerability in the Linux kernel's BNO055 IMU driver. An attacker could potentially exploit this to ...

A race condition in the Linux kernel's Venus media driver allows a NULL pointer dereference during system boot if an interrupt fires before the interr...

A memory safety vulnerability in the Linux kernel's Venus media driver allows potential out-of-bounds memory access when processing packets from firmw...

A race condition vulnerability in the Linux kernel's rainshadow-cec driver allows concurrent interrupt handlers to cause a buffer overflow. This affec...

A race condition vulnerability in the Linux kernel's USBTV driver allows local attackers to cause a kernel crash (denial of service) by changing TV st...

This CVE describes a privilege escalation vulnerability in the Linux kernel's parisc architecture where user code can execute LWS compare-and-swap ope...

This CVE addresses a timing side-channel vulnerability in the Linux kernel's IPv6 Segment Routing (SR) implementation. Attackers could potentially exp...

This CVE describes a vulnerability in the Linux kernel's ACPI Platform Firmware Runtime Update (pfr_update) driver where the wrong version check is us...

A use-after-free vulnerability in the Linux kernel's AMD KFD driver occurs when debugfs entries are destroyed before work queues, causing a kernel NUL...

This CVE describes a NULL pointer dereference vulnerability in the AMD display driver component of the Linux kernel. If exploited, it could cause a ke...

This CVE-2025-39694 is a NULL pointer dereference vulnerability in the Linux kernel's SCLP (Service Call Logical Processor) subsystem on s390 architec...

This CVE describes a race condition vulnerability in the Linux kernel's NFS client implementation. It allows concurrent operations to interfere with w...

This CVE describes an information leak vulnerability in the Linux kernel's comedi subsystem, where uninitialized kernel memory can be exposed to users...

This CVE-2025-39685 is an out-of-bounds vulnerability in the Linux kernel's comedi pcl726 driver that allows local attackers to trigger a kernel crash...

This CVE addresses an information disclosure vulnerability in the Linux kernel's AS73211 light sensor driver. The driver fails to properly zero out un...

This is a use-after-free vulnerability in the Linux kernel's buffer handling code that can lead to kernel memory corruption. It affects systems using ...