Debian Security Vulnerabilities (CVEs)

A race condition vulnerability in the MediaTek Star EMAC network driver for Linux kernels allows spinlock recursion when DMA interrupts are re-enabled...

This CVE describes a race condition vulnerability in the Linux kernel's VXLAN implementation where deletion of default FDB entries occurs without prop...

This CVE describes an out-of-bounds write vulnerability in the Linux kernel's tracing subsystem. The trace_seq_to_buffer() function can copy more data...

A null pointer dereference vulnerability exists in the Linux kernel's Intel Ethernet Connection (ice) driver. This allows a local attacker with VF (Vi...

A double-free vulnerability in the Linux kernel's qfq scheduler occurs when netem is used as a child qdisc, causing reentrant enqueue operations. This...

A missing check in the Linux kernel's Qualcomm MPM driver causes kernel crashes when handling interrupts for non-wakeup GPIO pins. This affects Linux ...

A use-after-free vulnerability in the Linux kernel's AMD GPU display driver allows attackers to cause memory corruption when USB-C docks are unplugged...

This CVE describes a memory leak vulnerability in the Linux kernel's ARM SCMI firmware subsystem. When SCMI protocol devices are destroyed, an unbalan...

This CVE describes a missing error check in the Linux kernel's INFTL (Inverse NAND Flash Translation Layer) subsystem. If the inftl_read_oob() functio...

A buffer overflow vulnerability exists in the Linux kernel's OMAPFB display driver when processing certain 'plane' parameter values. This could allow ...

A use-after-free vulnerability in the Linux kernel's AMDKFD driver allows local attackers to cause denial of service or potentially execute arbitrary ...

A Linux kernel JFS filesystem integer overflow vulnerability occurs when calculating allocation group sizes on 32-bit systems with large (>2TB) aggreg...

This CVE describes a use-after-free vulnerability in the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem for ARM64 architecture. When vCPU...

This CVE describes a memory leak vulnerability in the Linux kernel's PCI subsystem. If device_register() fails during pci_register_host_bridge(), the ...

This Linux kernel vulnerability involves an incorrect WARN_ON check in the jbd2 journaling subsystem that could trigger false warnings or potentially ...

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's cpupower benchmarking tool. If memory allocation fails, the system c...

A NULL pointer dereference vulnerability in the Linux kernel's SCPI cpufreq driver allows local attackers to crash the system by triggering a kernel p...

A use-after-free vulnerability in the Linux kernel's GIC-V2M interrupt controller allows attackers to cause kernel panics or potentially execute arbit...

This CVE describes a use-after-free vulnerability in the Linux kernel's HFSC (Hierarchical Fair Service Curve) network scheduler. An attacker could po...

This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's DWC3 USB gadget driver. An attacker could trigger a kernel crash...

A race condition in the Linux kernel's cdns3 USB driver causes a deadlock when using NCM gadget functionality under PREEMPT_RT configuration. This vul...

This CVE describes a double-free vulnerability in the Linux kernel's MCB (Memory Controller Bridge) subsystem. When mcb_device_register() fails in cha...

This vulnerability in syslog-ng's TLS certificate validation allows improper wildcard matching patterns like 'foo.*.bar' and 'foo.a*c.bar' that should...

A NULL pointer dereference vulnerability in the Linux kernel's SCSI target subsystem allows attackers to crash the kernel by sending specially crafted...

This CVE describes a Use-After-Free vulnerability in the Linux kernel's HFSC (Hierarchical Fair Service Curve) queuing discipline scheduler. The vulne...

A memory leak vulnerability exists in the Linux kernel's cxgb4 driver when initializing ethtool filters. If memory allocation fails for the bmap struc...

This vulnerability in the Linux kernel's Open vSwitch module allows attackers to trigger a kernel panic or potentially execute arbitrary code by sendi...

A memory corruption vulnerability in the Linux kernel's ISO filesystem (isofs) export functionality allows out-of-bounds read access when processing f...

A division by zero vulnerability in the AMD GPU power management driver (drm/amd/pm/smu11) in the Linux kernel allows local attackers to cause a kerne...

A division by zero vulnerability exists in the AMD GPU power management driver (drm/amd/pm) in the Linux kernel. This occurs when users set speed valu...

A NULL pointer dereference vulnerability in the Linux kernel's virtiofs filesystem driver could cause kernel panics when source name is NULL during fu...

A use-after-free vulnerability in the Linux kernel's Nouveau DRM driver allows local attackers to cause a kernel panic (denial of service) by triggeri...

A division by zero vulnerability exists in the AMD GPU power management driver (drm/amd/pm) in the Linux kernel. Attackers can trigger a kernel panic ...

A vulnerability in the Linux kernel's TLS implementation allows attackers to trigger a kernel warning or potential crash by disconnecting a TLS socket...

A NULL pointer dereference vulnerability in the Linux kernel's PATA PXA driver could cause kernel crashes or denial of service. This affects systems u...

This vulnerability is a NULL pointer dereference in the MediaTek IOMMU driver of the Linux kernel, occurring during device initialization. It allows l...

This CVE describes an out-of-bounds read vulnerability in the Linux kernel's PPP (Point-to-Point Protocol) implementation. When processing short or em...

This CVE-2025-37752 is a Linux kernel vulnerability in the Stochastic Fairness Queueing (SFQ) network scheduler that allows array index out-of-bounds ...

A use-after-free vulnerability in the Linux kernel's ext4 filesystem allows attackers to cause memory corruption when processing extended attributes. ...

A divide-by-zero vulnerability in the Linux kernel's JFS filesystem can cause kernel panic when mounting filesystems with malformed allocation group m...

This CVE describes an uninitialized memory access vulnerability in the JFS filesystem implementation in the Linux kernel. When mounting a JFS filesyst...

This vulnerability in the Linux kernel's Venus media driver allows out-of-bounds memory access when parsing HFI packets. Attackers could potentially r...

A Linux kernel vulnerability in the Venus media driver allows out-of-bounds write due to improper validation of queue size values from firmware. This ...

A resource leak vulnerability in the MediaTek video codec driver for Linux kernel allows attackers to cause memory exhaustion on affected systems. Thi...

A use-after-free vulnerability in the Linux kernel's SCTP implementation allows a race condition where a transport structure can be accessed after bei...

This CVE describes a race condition vulnerability in the Linux kernel's LED backlight subsystem where the led_access lock is not properly held when ca...

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ENE-KB3930 MFD driver. If exploited, it could cause a kernel panic o...

A NULL pointer dereference vulnerability in the Linux kernel's Exynos ChipID driver could cause kernel panic or system crash when accessing uninitiali...

A Linux kernel vulnerability in the ext4 filesystem's do_split function allows an off-by-one error that can lead to out-of-bounds memory access and us...

This CVE describes a resource leak vulnerability in the Linux kernel's PCI endpoint test driver. When request_irq() fails during IRQ allocation, the c...