CVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings
Published February 28, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-40005 spi: cadence-quadspi: Implement refcount to handle unbind during busy
Published February 28, 2026
Information published.
CVE-2025-38162 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
Published February 28, 2026
Information published.
CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.
Published February 28, 2026
Information published.
CVE-2025-40082 hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
Published February 28, 2026
Information published.
CVE-2025-71232 scsi: qla2xxx: Free sp in error path to fix system crash
Published February 28, 2026
Information published.
CVE-2026-22999 net/sched: sch_qfq: do not free existing class in qfq_change_class()
Published February 28, 2026
Information published.
CVE-2025-71237 nilfs2: Fix potential block overflow that cause system hang
Published February 28, 2026
Information published.
CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
Published February 28, 2026
Information published.
CVE-2025-71229 wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon()
Published February 28, 2026
Information published.
