{
"Source": "CVE FEED",
"Title": "CVE-2025-47349 - Use of Out-of-range Pointer Offset in DSP Service",
"Content": "CVE ID : CVE-2025-47349
Published : Oct. 9, 2025, 3:18 a.m. | 36 minutes ago
Description : Memory corruption while processing an escape call.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-47347 - Stack-based Buffer Overflow in Automotive Software platform based on QNX",
"Content": "CVE ID : CVE-2025-47347
Published : Oct. 9, 2025, 3:18 a.m. | 36 minutes ago
Description : Memory corruption while processing control commands in the virtual memory management interface.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-47342 - Use After Free in BT Controller",
"Content": "CVE ID : CVE-2025-47342
Published : Oct. 9, 2025, 3:18 a.m. | 36 minutes ago
Description : Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera",
"Content": "CVE ID : CVE-2025-47341
Published : Oct. 9, 2025, 3:18 a.m. | 36 minutes ago
Description : Memory corruption while processing an image encoding completion event.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-47340 - Out-of-bounds Write in DSP Service",
"Content": "CVE ID : CVE-2025-47340
Published : Oct. 9, 2025, 3:18 a.m. | 36 minutes ago
Description : Memory corruption while processing IOCTL call to get the mapping.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-47338 - Untrusted Pointer Dereference in DSP Service",
"Content": "CVE ID : CVE-2025-47338
Published : Oct. 9, 2025, 3:18 a.m. | 36 minutes ago
Description : Memory corruption while processing escape commands from userspace.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27060 - Untrusted Pointer Dereference in TZ Firmware",
"Content": "CVE ID : CVE-2025-27060
Published : Oct. 9, 2025, 3:18 a.m. | 37 minutes ago
Description : Memory corruption while performing SCM call with malformed inputs.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware",
"Content": "CVE ID : CVE-2025-27059
Published : Oct. 9, 2025, 3:18 a.m. | 37 minutes ago
Description : Memory corruption while performing SCM call.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27054 - Out-of-bounds Write in Display",
"Content": "CVE ID : CVE-2025-27054
Published : Oct. 9, 2025, 3:18 a.m. | 37 minutes ago
Description : Memory corruption while processing a malformed license file during reboot.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS",
"Content": "CVE ID : CVE-2025-27053
Published : Oct. 9, 2025, 3:18 a.m. | 37 minutes ago
Description : Memory corruption during PlayReady APP usecase while processing TA commands.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27049 - Buffer Over-read in Camera",
"Content": "CVE ID : CVE-2025-27049
Published : Oct. 9, 2025, 3:17 a.m. | 37 minutes ago
Description : Transient DOS while processing IOCTL call for image encoding.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27048 - Untrusted Pointer Dereference in Camera",
"Content": "CVE ID : CVE-2025-27048
Published : Oct. 9, 2025, 3:17 a.m. | 37 minutes ago
Description : Memory corruption while processing camera platform driver IOCTL calls.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27045 - Buffer Over-read in Video",
"Content": "CVE ID : CVE-2025-27045
Published : Oct. 9, 2025, 3:17 a.m. | 37 minutes ago
Description : Information disclosure while processing batch command execution in Video driver.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27041 - Buffer Over-read in Video",
"Content": "CVE ID : CVE-2025-27041
Published : Oct. 9, 2025, 3:17 a.m. | 37 minutes ago
Description : Transient DOS while processing video packets received from video firmware.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-27040 - Improper Input Validation in TZ Firmware",
"Content": "CVE ID : CVE-2025-27040
Published : Oct. 9, 2025, 3:17 a.m. | 37 minutes ago
Description : Information disclosure may occur while processing the hypervisor log.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-7634 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - unauthenticated local file inclusion",
"Content": "CVE ID : CVE-2025-7634
Published : Oct. 9, 2025, 5:23 a.m. | 34 minutes ago
Description : The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-7526 - WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - authenticated (subscriber+) arbitrary file deletion via file renaming",
"Content": "CVE ID : CVE-2025-7526
Published : Oct. 9, 2025, 5:23 a.m. | 34 minutes ago
Description : The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-11522 - Search & Go - Directory WordPress Theme <= 2.7 - authentication bypass to privilege escalation via account takeover",
"Content": "CVE ID : CVE-2025-11522
Published : 9 Oct 2025, 7:23 a.m. | 37 minutes ago
Description : The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_user() function. This makes it possible for unauthenticated attackers to gain access to other users' accounts, including administrators, when Facebook login is enabled.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-11539 - Arbitrary Code Execution in Grafana Image Renderer Plugin",
"Content": "CVE ID : CVE-2025-11539
Published : 9 Oct 2025, 7:18 a.m. | 42 minutes ago
Description : Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then loaded by the Chromium process.
Instances are vulnerable if:
1. The default token ("authToken") is not changed, or is known to the attacker.
2. The attacker can reach the image renderer endpoint.
This issue affects grafana-image-renderer: from 1.0.0 through 4.0.16.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-39959 - ASoC: amd: acp: Fix incorrect retrival of acp_chip_info",
"Content": "CVE ID : CVE-2025-39959
Published : 9 Oct 2025, 9:47 a.m. | 14 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ASoC: amd: acp: Fix incorrect retrival of acp_chip_info
Use dev_get_drvdata(dev->parent) instead of dev_get_platdata(dev)
to correctly obtain acp_chip_info members in the acp I2S driver.
Previously, some members were not updated properly due to incorrect
data access, which could potentially lead to null pointer
dereferences.
This issue was missed in the earlier commit
("ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot"),
which only addressed set_tdm_slot(). This change ensures that all
relevant functions correctly retrieve acp_chip_info, preventing
further null pointer dereference issues.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-39958 - iommu/s390: Make attach succeed when the device was surprise removed",
"Content": "CVE ID : CVE-2025-39958
Published : 9 Oct 2025, 9:47 a.m. | 14 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
iommu/s390: Make attach succeed when the device was surprise removed
When a PCI device is removed with surprise hotplug, there may still be
attempts to attach the device to the default domain as part of tear down
via (__iommu_release_dma_ownership()), or because the removal happens
during probe (__iommu_probe_device()). In both cases zpci_register_ioat()
fails with a cc value indicating that the device handle is invalid. This
is because the device is no longer part of the instance as far as the
hypervisor is concerned.
Currently this leads to an error return and s390_iommu_attach_device()
fails. This triggers the WARN_ON() in __iommu_group_set_domain_nofail()
because attaching to the default domain must never fail.
With the device fenced by the hypervisor no DMAs to or from memory are
possible and the IOMMU translations have no effect. Proceed as if the
registration was successful and let the hotplug event handling clean up
the device.
This is similar to how devices in the error state are handled since
commit 59bbf596791b ("iommu/s390: Make attach succeed even if the device
is in error state") except that for removal the domain will not be
registered later. This approach was also previously discussed at the
link.
Handle both cases, error state and removal, in a helper which checks if
the error needs to be propagated or ignored. Avoid magic number
condition codes by using the pre-existing, but never used, defines for
PCI load/store condition codes and rename them to reflect that they
apply to all PCI instructions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Oct 2025",
"Type": "Vulnerability"
}