📅 Weekly CVE Roundup
October 6 - October 12, 2025
🔴 Critical & High Severity Vulnerabilities
These are the most dangerous vulnerabilities disclosed this week. Prioritize patching these.
Oct 7: A double-free vulnerability in the Linux kernel's BPF sockmap subsystem allows local attackers to cause a use-after-free condition. This can lead to k...
Oct 7: This CVE describes a use-after-free vulnerability in the Linux kernel's si470x USB radio driver. When the driver fails to initialize properly, it does...
Oct 7: This CVE describes a double-free vulnerability in the Linux kernel's RDMA over Converged Ethernet (RoCE) subsystem. When rxe_mr_init_user() fails duri...
Oct 7: CVE-2022-50546 is a Linux kernel vulnerability in the ext4 filesystem where uninitialized memory in the 'ext4_evict_inode' function can be access...
Oct 7: A use-after-free vulnerability in the Linux kernel's block multi-queue (blk-mq) subsystem allows local attackers to cause kernel panics or potentially...
Oct 7: This CVE describes a use-after-free vulnerability in the Linux kernel's netfilter conntrack subsystem. When nf_conntrack initialization fails, the nf_...
Oct 7: A race condition in the Linux kernel's memory controller (memcontrol) subsystem can cause a NULL pointer dereference when retrieving memory cgroups by...
Oct 7: A memory corruption vulnerability in the Linux kernel's DisplayPort driver allows attackers to write beyond allocated buffer boundaries when too many ...
Oct 7: This CVE describes a race condition and potential buffer overflow vulnerability in the Linux kernel's parisc architecture firmware interface. It could...
Oct 7: This CVE describes a shift-out-of-bounds vulnerability in the brcmfmac WiFi driver in the Linux kernel. An attacker could potentially cause a kernel p...
Oct 7: This CVE describes a race condition vulnerability in the Linux kernel's GFS2 filesystem implementation. The gfs2_show_options() function accesses conf...
🏢 Most Affected Vendors
🐛 Common Vulnerability Types
📋 All CVEs This Week
A double-free vulnerability in the Linux kernel's BPF sockmap subsystem allows local attackers to cause a use-after-free...
This CVE describes a use-after-free vulnerability in the Linux kernel's si470x USB radio driver. When the driver fails t...
This CVE describes a double-free vulnerability in the Linux kernel's RDMA over Converged Ethernet (RoCE) subsystem. When...
CVE-2022-50546 is a Linux kernel vulnerability in the ext4 filesystem where uninitialized memory in the 'ext4_evict...
A use-after-free vulnerability in the Linux kernel's block multi-queue (blk-mq) subsystem allows local attackers to caus...
This CVE describes a use-after-free vulnerability in the Linux kernel's netfilter conntrack subsystem. When nf_conntrack...
A race condition in the Linux kernel's memory controller (memcontrol) subsystem can cause a NULL pointer dereference whe...
A memory corruption vulnerability in the Linux kernel's DisplayPort driver allows attackers to write beyond allocated bu...
This CVE describes a race condition and potential buffer overflow vulnerability in the Linux kernel's parisc architectur...
This CVE describes a shift-out-of-bounds vulnerability in the brcmfmac WiFi driver in the Linux kernel. An attacker coul...
This CVE describes a race condition vulnerability in the Linux kernel's GFS2 filesystem implementation. The gfs2_show_op...
A memory leak vulnerability in the Linux kernel's xHCI USB host controller driver could allow attackers to gradually exh...
This CVE describes a memory leak vulnerability in the Raspberry Pi firmware driver within the Linux kernel. When the mbo...
CVE-2022-50538 is a Linux kernel vulnerability in the VME subsystem where the fake_init() function fails to properl...
This CVE describes a refcount leak bug in the Linux kernel's ARM OMAP2+ omap4-common module. The vulnerability occurs wh...
A kernel panic vulnerability in the Linux kernel's QCOM ADM DMA driver allows denial of service attacks. The vulnerabili...
A Linux kernel vulnerability in the TI K3-UDMA driver causes 32-bit byte counters to overflow when transferring more tha...
This is a memory leak vulnerability in the Linux kernel's r6040 network driver where phy_device objects aren't properly ...
This CVE describes a memory leak vulnerability in the Linux kernel's solo6x10 media driver. If device_register() fails d...
This CVE describes a memory leak vulnerability in the Linux kernel's hi846 camera sensor driver. When the driver fails t...
This CVE describes an ABBA deadlock vulnerability in the Linux kernel's device-mapper thin provisioning subsystem. When ...
A memory leak vulnerability in the Linux kernel's blk-iolatency subsystem occurs when disk initialization fails after bl...
This is an out-of-bounds write vulnerability in the Linux kernel's tracing subsystem that can cause kernel panic or pote...
This CVE describes an integer overflow vulnerability in the Linux kernel's sch_fq (Fair Queue) packet scheduler. When co...
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's Intel GVT (Graphics Virtualization Tec...
A Linux kernel vulnerability in the Btrfs filesystem allows attackers to trigger a kernel crash (denial of service) by e...
A race condition in the Linux kernel's md (multiple device) driver can cause a soft lockup when displaying RAID resync p...
This CVE describes a memory leak vulnerability in the Linux kernel's Rockchip clock driver. When clk_register() fails in...
A null pointer dereference vulnerability in the MediaTek IOMMU driver of the Linux kernel could cause kernel panic or sy...
A resource leak vulnerability in the Linux kernel's Freescale PAMU (Peripheral Access Management Unit) IOMMU driver allo...
CVE-2022-50527 is a NULL pointer dereference vulnerability in the AMD GPU driver within the Linux kernel. It allows...
CVE-2022-50528 is a memory leak vulnerability in the AMD GPU kernel driver (drm/amdkfd) in the Linux kernel. It all...
This CVE describes a reference count leak vulnerability in the Linux kernel's USB gadget HID function driver. When the d...
This CVE describes a memory leak vulnerability in the Linux kernel's AMD GPU driver. When the hpd_rx_irq_create_workqueu...
This vulnerability in the Linux kernel's Distributed Lock Manager (DLM) component allows a NULL pointer dereference when...
A Linux kernel vulnerability in the THP (Transparent Huge Pages) splitting mechanism can cause a soft lockup (system han...
This CVE addresses a kernel panic vulnerability in the Linux kernel's nilfs2 filesystem. When checkpoint metadata on dis...
This is a Linux kernel memory leak vulnerability in the Radeon graphics driver. When the radeon_atrm_get_bios() function...
This is a memory leak vulnerability in the Linux kernel's mxm-wmi driver where ACPI buffer memory isn't freed after WMI ...
A null pointer dereference vulnerability in the Linux kernel's TIPC (Transparent Inter-Process Communication) subsystem ...
This CVE describes a memory leak vulnerability in the Linux kernel's Aspeed SoC information driver. When certain error c...
This CVE is a NULL pointer dereference vulnerability in the Linux kernel's CODA media driver. If exploited, it could cau...
This CVE describes a memory leak vulnerability in the Linux kernel's ARM SMMU PMU driver. When platform_driver_register(...
CVE-2022-50511 is a Linux kernel vulnerability in the font handling subsystem where a signed integer shift operatio...
This CVE describes a memory leak vulnerability in the Linux kernel's ext4 filesystem fast commit feature. If exploited, ...
This CVE describes a memory leak vulnerability in the Linux kernel's test_firmware module. When misc_register() fails du...
A NULL pointer dereference vulnerability in the Linux kernel's block multi-queue subsystem allows local attackers to tri...
This vulnerability is an information leak in the Linux kernel's TIPC (Transparent Inter-Process Communication) subsystem...
This CVE describes a null pointer dereference vulnerability in the Linux kernel's WiFi subsystem (mac80211). When a devi...
A race condition in the Linux kernel's device-mapper thin provisioning subsystem can cause a soft lockup when reading co...
A race condition in the Linux kernel's memory swap subsystem allows concurrent swapoff and get_swap_pages() operations t...
This CVE describes a memory leak vulnerability in the Linux kernel's mcb-parse module. When mcb_device_register() fails ...