CVE-2025-37997
published 2025-05-29CVE-2025-37997: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix region locking in hash types
Region locking introduced in v5.6-rc4 contained three macros to handle
the region locks: ahash_bucket_start(), ahash_bucket_end() which gave
back the start and end hash bucket values belonging to a given region
lock and ahash_region() which should give back the region lock belonging
to a given hash bucket. The latter was incorrect which can lead to a
race condition between the garbage collector and adding new elements
when a hash type of set is defined with timeouts.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.139-1 (bookworm) | linux 6.1.139-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.139-1 (bookworm) | linux 6.1.139-1 (bookworm) |
| chrome_chrome | — | — | |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | >= 5.4.24 < 5.4.294 | 5.4.294 |
| linux | linux | >= 5.5.8 < 5.6 | 5.6 |
| linux | linux | >= 5dd9488ae41070b69d2f4acb580f77db5705f9ca < 00cfc5fad1491796942a948808afb968a0a3f35b | 00cfc5fad1491796942a948808afb968a0a3f35b |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < 226ce0ec38316d9e3739e73a64b6b8304646c658 | 226ce0ec38316d9e3739e73a64b6b8304646c658 |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < 82c1eb32693bc48251d92532975e19160987e5b9 | 82c1eb32693bc48251d92532975e19160987e5b9 |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < aa77294b0f73bb8265987591460cd25b8722c3df | aa77294b0f73bb8265987591460cd25b8722c3df |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < a3dfec485401943e315c394c29afe2db8f9481d6 | a3dfec485401943e315c394c29afe2db8f9481d6 |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < e2ab67672b2288521a6146034a971f9a82ffc5c5 | e2ab67672b2288521a6146034a971f9a82ffc5c5 |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < 6e002ecc1c8cfdfc866b9104ab7888da54613e59 | 6e002ecc1c8cfdfc866b9104ab7888da54613e59 |
| linux | linux | >= f66ee0410b1c3481ee75e5db9b34547b4d582465 < 8478a729c0462273188263136880480729e9efca | 8478a729c0462273188263136880480729e9efca |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.139-1 | 6.1.139-1 |
| linux | linux_kernel | >= 0 < 6.12.29-1 | 6.12.29-1 |
| linux | linux_kernel | >= 0 < 6.12.29-1 | 6.12.29-1 |
| linux | linux_kernel | >= 0 < 5.15.0-143.153 | 5.15.0-143.153 |
| linux | linux_kernel | >= 0 < 6.8.0-63.66 | 6.8.0-63.66 |
| linux | linux_kernel | >= 0 < 6.14.0-23.23 | 6.14.0-23.23 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv8.8HIGH
OSV
linux-azure-5.15 vulnerabilities
osv·2025-09-02
linux-azure-5.15 vulnerabilities
linux-azure-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
OSV
linux-azure-fips vulnerabilities
osv·2025-08-22
linux-azure-fips vulnerabilities
linux-azure-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
OSV
linux-raspi vulnerabilities
osv·2025-08-05
linux-raspi vulnerabilities
linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- PCI Endpoint
OSV
linux-iot vulnerabilities
osv·2025-08-04·CVSS 4.7
CVE-2024-53051 [MEDIUM] linux-iot vulnerabilities
linux-iot vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ACPI drivers;
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2024-53051, CVE-2024-46787, CVE-2024-50047, CVE-2024-56662,
CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-37932,
CVE-2025-37798, CVE-2025-38177, CVE-2025-38000)
OSV
linux-azure vulnerabilities
osv·2025-07-30·CVSS 4.7
CVE-2025-37890 [MEDIUM] linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux-azure, linux-azure-5.4, linux-azure-fips, linux-raspi, linux-raspi-5.4 vulnerabilities
osv·2025-07-29·CVSS 4.7
CVE-2024-53051 [MEDIUM] linux-azure, linux-azure-5.4, linux-azure-fips, linux-raspi, linux-raspi-5.4 vulnerabilities
linux-azure, linux-azure-5.4, linux-azure-fips, linux-raspi, linux-raspi-5.4 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ACPI drivers;
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2024-53051, CVE-2024-46787, CVE-2024-50047, CVE-2024-56662,
CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-37932,
CVE-2025-37798, CVE-2025-38177, CVE-2025-38000)
OSV
linux, linux-aws, linux-aws-5.4, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5
osv·2025-07-25·CVSS 4.7
[MEDIUM] linux, linux-aws, linux-aws-5.4, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5
linux, linux-aws, linux-aws-5.4, linux-aws-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ACPI drivers;
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2024-53051, CVE-2024-46787, CVE-2024-50047, CVE-2024-56662,
CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-37932,
CVE-2025-37798, CVE-2025-38177, CVE-2025-38000)
OSV
linux-aws-6.14 vulnerabilities
osv·2025-07-24·CVSS 7.8
[HIGH] linux-aws-6.14 vulnerabilities
linux-aws-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing infrastructure;
- Memory management;
- IPv4 networking;
- IPv6 networking;
- Net
OSV
linux-oracle vulnerabilities
osv·2025-07-21·CVSS 7.8
CVE-2025-38000 [HIGH] linux-oracle vulnerabilities
linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
OSV
linux-intel-iotg-5.15 vulnerabilities
osv·2025-07-18·CVSS 8.8
CVE-2024-8805 [HIGH] linux-intel-iotg-5.15 vulnerabilities
linux-intel-iotg-5.15 vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Crypt
OSV
linux-azure-6.8, linux-azure-nvidia vulnerabilities
osv·2025-07-17·CVSS 7.8
CVE-2025-38001 [HIGH] linux-azure-6.8, linux-azure-nvidia vulnerabilities
linux-azure-6.8, linux-azure-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
OSV
linux-hwe-6.8 vulnerabilities
osv·2025-07-17·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-hwe-6.8 vulnerabilities
linux-hwe-6.8 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- Block layer subsystem;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- Network block device driver;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- FireWire subsystem;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I3C subsystem;
- InfiniBand drivers;
- IOMMU sub
OSV
linux-aws vulnerabilities
osv·2025-07-17·CVSS 7.8
CVE-2025-38000 [HIGH] linux-aws vulnerabilities
linux-aws vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
OSV
linux-lowlatency-hwe-6.11 vulnerabilities
osv·2025-07-15·CVSS 7.8
CVE-2025-38001 [HIGH] linux-lowlatency-hwe-6.11 vulnerabilities
linux-lowlatency-hwe-6.11 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-37890)
OSV
linux-xilinx-zynqmp vulnerabilities
osv·2025-07-11·CVSS 4.7
CVE-2025-37890 [MEDIUM] linux-xilinx-zynqmp vulnerabilities
linux-xilinx-zynqmp vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux-azure, linux-azure-6.11 vulnerabilities
osv·2025-07-08·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-azure, linux-azure-6.11 vulnerabilities
linux-azure, linux-azure-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
- DMA engine subsystem;
- DPLL subsystem;
- Qualcomm firmware driv
OSV
linux-azure vulnerabilities
osv·2025-07-08·CVSS 7.8
CVE-2025-38000 [HIGH] linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
OSV
linux-lowlatency, linux-oem-6.11 vulnerabilities
osv·2025-07-08·CVSS 7.8
CVE-2025-38001 [HIGH] linux-lowlatency, linux-oem-6.11 vulnerabilities
linux-lowlatency, linux-oem-6.11 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-37890)
OSV
linux-azure vulnerabilities
osv·2025-07-08·CVSS 7.8
CVE-2025-38001 [HIGH] linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
OSV
linux-ibm-5.15, linux-intel-iotg, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx vulnerabilities
osv·2025-07-08·CVSS 4.7
CVE-2025-37890 [MEDIUM] linux-ibm-5.15, linux-intel-iotg, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx vulnerabilities
linux-ibm-5.15, linux-intel-iotg, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux-oem-6.14 vulnerabilities
osv·2025-07-04·CVSS 7.8
CVE-2025-37890 [HIGH] linux-oem-6.14 vulnerabilities
linux-oem-6.14 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Bluetooth drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2025-37918, CVE-2025-37932, CVE-2025-38000,
CVE-2025-37997, CVE-2025-38001)
OSV
linux-ibm vulnerabilities
osv·2025-07-04·CVSS 7.8
CVE-2025-38001 [HIGH] linux-ibm vulnerabilities
linux-ibm vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
OSV
linux-aws-5.15, linux-intel-iot-realtime vulnerabilities
osv·2025-07-03·CVSS 4.7
CVE-2025-37890 [MEDIUM] linux-aws-5.15, linux-intel-iot-realtime vulnerabilities
linux-aws-5.15, linux-intel-iot-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
osv·2025-07-02·CVSS 7.8
CVE-2025-38000 [HIGH] linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
OSV
linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
osv·2025-07-01·CVSS 7.8
CVE-2025-38001 [HIGH] linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-37890)
OSV
linux-realtime vulnerabilities
osv·2025-07-01·CVSS 4.7
CVE-2025-37890 [MEDIUM] linux-realtime vulnerabilities
linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vu
osv·2025-07-01·CVSS 4.7
[MEDIUM] linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vu
linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
osv·2025-07-01·CVSS 4.7
CVE-2025-37890 [MEDIUM] linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
OSV
linux-realtime, linux-raspi-realtime vulnerabilities
osv·2025-07-01·CVSS 7.8
CVE-2025-38001 [HIGH] linux-realtime, linux-raspi-realtime vulnerabilities
linux-realtime, linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
OSV
linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, l
osv·2025-07-01·CVSS 7.8
[HIGH] linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, l
linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
OSV
CVE-2025-37997: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5
osv·2025-05-29·CVSS 5.5
CVE-2025-37997 [MEDIUM] CVE-2025-37997: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and end hash bucket values belonging to a given region lock and ahash_region() which should give back the region lock belonging to a given hash bucket. The latter was incorrect which can lead to a race condition between the garbage collector and adding new elements when a hash type of set is defined with timeouts.
GHSA
GHSA-jgxp-fpw7-p364: In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix region locking in hash types
Region locking introduced in
ghsa_unreviewed·2025-05-29
CVE-2025-37997 [MEDIUM] CWE-667 GHSA-jgxp-fpw7-p364: In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix region locking in hash types
Region locking introduced in
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix region locking in hash types
Region locking introduced in v5.6-rc4 contained three macros to handle
the region locks: ahash_bucket_start(), ahash_bucket_end() which gave
back the start and end hash bucket values belonging to a given region
lock and ahash_region() which should give back the region lock belonging
to a given hash bucket. The latter was incorrect which can lead to a
race condition between the garbage collector and adding new elements
when a hash type of set is defined with timeouts.
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2025-37997
vendor_chrome·2026-04-17
CVE-2025-37997 Long Term Support Channel Update for ChromeOS: CVE-2025-37997
Long Term Support Channel Update for ChromeOS
CVE-2025-37997
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-09-02
CVE-2022-49535 Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
Ubuntu
Linux kernel (Azure FIPS) vulnerabilities
vendor_ubuntu·2025-08-22
CVE-2024-46816 Linux kernel (Azure FIPS) vulnerabilities
Title: Linux kernel (Azure FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Arm Firmware Framework for ARMv8-A(FFA);
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsys
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-08-05
CVE-2025-23147 Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
-
Ubuntu
Linux kernel (IoT) vulnerabilities
vendor_ubuntu·2025-08-04·CVSS 4.7
CVE-2024-50047 [MEDIUM] Linux kernel (IoT) vulnerabilities
Title: Linux kernel (IoT) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ACPI drivers;
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2024-53051, CVE-2024-46787, CVE-2024-50047, CVE-2024-56662,
CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-37932,
CVE-2025-37798, CVE-2025-38177, CVE-2025-38000)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number,
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-07-30·CVSS 4.7
CVE-2025-38000 [MEDIUM] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-29·CVSS 4.7
CVE-2024-53051 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ACPI drivers;
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2024-53051, CVE-2024-46787, CVE-2024-50047, CVE-2024-56662,
CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-37932,
CVE-2025-37798, CVE-2025-38177, CVE-2025-38000)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-07-24·CVSS 7.8
CVE-2025-37933 [HIGH] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PA-RISC architecture;
- PowerPC architecture;
- S390 architecture;
- x86 architecture;
- Compute Acceleration Framework;
- Ublk userspace block driver;
- Bluetooth drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Network drivers;
- PCI subsystem;
- PTP clock framework;
- SPI subsystem;
- BTRFS file system;
- SMB network file system;
- eXpress Data Path;
- Universal MIDI packet (UMP) support module;
- Tracing inf
Ubuntu
Linux kernel (Oracle) vulnerabilities
vendor_ubuntu·2025-07-21·CVSS 7.8
CVE-2025-37997 [HIGH] Linux kernel (Oracle) vulnerabilities
Title: Linux kernel (Oracle) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2025-07-18·CVSS 8.8
CVE-2025-38009 [HIGH] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 7.8
CVE-2025-37798 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manu
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 5.9
CVE-2024-57953 [MEDIUM] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- Block layer subsystem;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- Network block device driver;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- FireWire subsystem;
- GPIO subsystem;
- GP
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 7.8
CVE-2025-37997 [HIGH] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g.
Ubuntu
Linux kernel (Low Latency) vulnerabilities
vendor_ubuntu·2025-07-15·CVSS 7.8
CVE-2025-37798 [HIGH] Linux kernel (Low Latency) vulnerabilities
Title: Linux kernel (Low Latency) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard ke
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities
vendor_ubuntu·2025-07-11·CVSS 4.7
CVE-2025-38001 [MEDIUM] Linux kernel (Xilinx ZynqMP) vulnerabilities
Title: Linux kernel (Xilinx ZynqMP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
r
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 5.9
CVE-2025-22095 [MEDIUM] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
-
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 7.8
CVE-2025-37932 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapacka
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 7.8
CVE-2025-37932 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 4.7
CVE-2024-53051 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all thi
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 7.8
CVE-2025-37798 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manu
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2025-07-04·CVSS 7.8
CVE-2025-37932 [HIGH] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Bluetooth drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2025-37918, CVE-2025-37932, CVE-2025-38000,
CVE-2025-37997, CVE-2025-38001)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled th
Ubuntu
Linux kernel (IBM) vulnerabilities
vendor_ubuntu·2025-07-04·CVSS 7.8
CVE-2025-37798 [HIGH] Linux kernel (IBM) vulnerabilities
Title: Linux kernel (IBM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manual
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-03·CVSS 4.7
CVE-2025-37932 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all thi
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-02·CVSS 7.8
CVE-2025-37932 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 7.8
CVE-2025-37798 [HIGH] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 4.7
CVE-2025-37798 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all thi
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 4.7
CVE-2025-37798 [MEDIUM] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reins
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 4.7
CVE-2025-37932 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- SMB network file system;
- Memory management;
- Netfilter;
- Network traffic control;
(CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000,
CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047,
CVE-2024-53051)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-07-01·CVSS 7.8
CVE-2025-37798 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- InfiniBand drivers;
- Netfilter;
- Network traffic control;
(CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997,
CVE-2025-38000, CVE-2025-22088, CVE-2025-37890)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uni
Red Hat
kernel: netfilter: ipset: fix region locking in hash types
vendor_redhat·2025-05-29·CVSS 5.5
CVE-2025-37997 [MEDIUM] CWE-413 kernel: netfilter: ipset: fix region locking in hash types
kernel: netfilter: ipset: fix region locking in hash types
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: fix region locking in hash types
Region locking introduced in v5.6-rc4 contained three macros to handle
the region locks: ahash_bucket_start(), ahash_bucket_end() which gave
back the start and end hash bucket values belonging to a given region
lock and ahash_region() which should give back the region lock belonging
to a given hash bucket. The latter was incorrect which can lead to a
race condition between the garbage collector and adding new elements
when a hash type of set is defined with timeouts.
Package: kernel (Red Hat Enterprise Linux 10) - Fix deferred
Package: kernel (Red Hat Enterprise Linux 6) - Under investigation
Package: kernel (R
Microsoft
netfilter: ipset: fix region locking in hash types
vendor_msrc·2025-05-13·CVSS 7.0
CVE-2025-37997 [MEDIUM] netfilter: ipset: fix region locking in hash types
netfilter: ipset: fix region locking in hash types
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.micr
Debian
CVE-2025-37997: linux - In the Linux kernel, the following vulnerability has been resolved: netfilter: ...
vendor_debian·2025·CVSS 5.5
CVE-2025-37997 [MEDIUM] CVE-2025-37997: linux - In the Linux kernel, the following vulnerability has been resolved: netfilter: ...
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and end hash bucket values belonging to a given region lock and ahash_region() which should give back the region lock belonging to a given hash bucket. The latter was incorrect which can lead to a race condition between the garbage collector and adding new elements when a hash type of set is defined with timeouts.
Scope: local
bookworm: resolved (fixed in 6.1.139-1)
bullseye: resolved (fixed in 5.10.244-1)
forky: resolved (fixed in 6.12.29-1)
sid: resolved (fixed in 6.12.29-1)
trixie: resolved (fixed in 6.12.29-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://git.kernel.org/stable/c/00cfc5fad1491796942a948808afb968a0a3f35bhttps://git.kernel.org/stable/c/226ce0ec38316d9e3739e73a64b6b8304646c658https://git.kernel.org/stable/c/6e002ecc1c8cfdfc866b9104ab7888da54613e59https://git.kernel.org/stable/c/82c1eb32693bc48251d92532975e19160987e5b9https://git.kernel.org/stable/c/8478a729c0462273188263136880480729e9efcahttps://git.kernel.org/stable/c/a3dfec485401943e315c394c29afe2db8f9481d6https://git.kernel.org/stable/c/aa77294b0f73bb8265987591460cd25b8722c3dfhttps://git.kernel.org/stable/c/e2ab67672b2288521a6146034a971f9a82ffc5c5https://lists.debian.org/debian-lts-announce/2025/08/msg00010.htmlhttps://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
2025-05-29
Published