Microsoft October 2025 Patch Tuesday Fixes 170+ Vulnerabilities Including Multiple Zero-Day Flaws - LinkedIn

Today marks Microsoft’s October 2025 Patch Tuesday, and this monthly release is unusually heavy: Microsoft is distributing fixes for 172 security vulnerabilities, including six zero-day flaws. 📊 Overview: What’s in the October 2025 Patch Batch Severity & Categories Here is breakdown by vulnerability type: 1 Tampering 10 Spoofing 11 Security Feature Bypass 11 Denial of Service 28 Information Disclosure 31 Remote Code Execution 80 Elevation of Privilege 🛡️ Windows 10 Reaches End of Support A critical contextual factor: October 14, 2025 is the end-of-support date for Windows 10. With this Patch Tuesday, Microsoft will issue the final free security update for the OS. After this date, devices running Windows 10 will no longer receive new monthly or preview security updates unless enrolled in an Extended Security Updates (ESU) plan: Consumers can opt for a one-year ESU Enterprises can elect to receive updates for up to three extra years under the ESU program Microsoft’s official lifecycle messaging confirms this: the October 2025 cumulative update is the last monthly update for Windows 10, version 22H2 (and related SKUs) under its standard servicing policy. This transition heightens the stakes for organizations still running Windows 10 — unpatched systems will progressively accumulate risk, especially as attackers gravitate toward EOL platforms. 🔐 The Six Zero-Day Vulnerabilities Covered Microsoft has patched six zero-day vulnerabilities in this release: CVE-2025-0033 — AMD EPYC & SEV-SNP, Reverse Map Table Race Condition This is a highly technical vulnerability affecting AMD processors using SEV-SNP (Secure Encrypted Virtualization – Secure Nested Paging). A race condition in Reverse Map Table (RMP) initialization allowed a malicious or compromised hypervisor to modify RMP entries before locking, potentially undermining memory integrity in guest VMs. Microsoft notes: this flaw does not reveal plaintext data or cryptographic keys; the risk is in altering memory mappings. Because this relates to hypervisor-level control, it requires privileged access on the host. Azure Confidential Computing clusters using AMD hardware are being updated in phases; not all are patched as of now, and affected customers will be notified via Azure Service Health. The flaw was publicly disclosed by Benedict Schlueter, Supraja Sridhara, and Shweta Shinde from ETH Zurich. CVE-2025-24052 — Another Agere Modem Driver EoP This second Agere modem driver vulnerability is similar in nature to CVE-2025-24990. Microsoft states that the flaw affects all supported versions of Windows, even if the modem is not actively in use. No individual researchers are credited. CVE-2025-2884 — TPM 2.0 Reference Implementation, Out-of-Bounds Read This vulnerability resides in the TCG (Trusted Computing Group) TPM 2.0 reference code, specifically in the CryptHmacSign helper function. Because of missing validation of the signature scheme against the algorithm, an out-of-bounds read is possible. That can lead to information disclosure or a denial-of-service condition of the TPM. The CVE was assigned on behalf of CERT/CC, and TCG publicly documented the flaw. Attribution is to TCG and an anonymous researcher. CVE-2025-24990 — Agere Modem Driver, Elevation of Privilege Microsoft is removing the legacy ltmdm64.sys driver, which was exploited to gain administrative privileges. The driver is part of a third-party modem subsystem that ships with supported Windows versions. The removal was done in the October cumulative update, meaning related hardware (fax/modem) might cease working if it relies on that driver. Microsoft warns: this driver removal may disable associated modem hardware functions. The discovery is attributed to Fabian Mosch and Jordan Jay. CVE-2025-59230 — Remote Access Connection Manager, Elevation of Privilege This flaw lies in the Windows Remote Access Connection Manager service, where improper access control allowed a local user to elevate to SYSTEM privileges. According to Microsoft, an attacker needs to invest a “measurable amount of effort” in crafting or executing the exploit. Attribution goes to Microsoft’s own security teams: MSTIC / MSRC. Because this is a privilege escalation rather than a remote exploit, it's likely chained with other vulnerabilities in real-world attacks. CVE-2025-47827 — IGEL OS, Secure Boot Bypass Although strictly not a typical Windows exploit, Microsoft included mitigation for a Secure Boot bypass in IGEL OS (pre-version 11) by updating related Windows components. The flaw stems from igel-flash-driver module improperly checking cryptographic signatures. A crafted root filesystem image (unverified SquashFS) can be mounted, bypassing Secure Boot. Discovered by Zack Didcott, and the CVE was assigned via MITRE in coordination with the vendor. Other Important Vulnerabilities Patched In addition to the critical flaws, over 150 important vulnerabilities were addressed this month. These include more than 60 elevation of privilege bugs, roughly 30 information disclosure issues, and several denial-of-service vulnerabilities. A recurring pattern appears in Windows PrintWorkflowUserSvc (CVE-2025-55684 through CVE-2025-55691), where multiple use-after-free flaws could let local attackers gain elevated privileges during print operations—an often-targeted vector in enterprise environments. Several Windows Kernel vulnerabilities (e.g., CVE-2025-55693 and CVE-2025-59187) stem from improper input validation, potentially exposing kernel memory or enabling unauthorized ring-0 access. Spoofing vulnerabilities were also patched, including CVE-2025-59239 in File Explorer and CVE-2025-59248 in Exchange Server. Both involve flawed validation that could allow attackers to trick users into executing malicious actions or bypass authentication checks. BitLocker (CVE-2025-55682) received a fix for a security feature bypass that could be exploited through physical attacks—highlighting the ongoing risks at the hardware-software boundary. For cloud and hybrid environments, updates to Azure Arc and Connected Machine Agent (CVE-2025-58724) address privilege escalation risks caused by access control misconfigurations. Meanwhile, denial-of-service vulnerabilities such as CVE-2025-55698 in DirectX and CVE-2025-58729 in Local Session Manager could allow attackers to disrupt system services via null dereferences or malformed input. 🧭 Observations & Risk Landscape Increased Attack Surface With six zero-days being addressed in a single month, this is a relatively high number compared to typical Patch Tuesdays. The combination of remote code execution and privilege escalation vulnerabilities heightens the risk of multi-stage attacks. Legacy/Driver Dependencies The removal of the Agere modem driver signals Microsoft’s move to phase out older, rarely used, or insecure driver components. But users relying on such hardware must plan for functional impact. Some patches (e.g. IGEL OS Secure Boot fix) suggest Microsoft is also broadening its scope to cover third-party components that interact with Windows. Cloud & Hypervisor Implications The AMD SEV-SNP vulnerability underscores that even infrastructure-level features (not just OS-level) can be vulnerable, especially in multi-tenant environments like public clouds. Phased patching in Azure environments indicates the complexity of updating across large-scale hypervisor and enclave infrastructures. Windows 10 EOL & Risk Accumulation With Windows 10 entering the post-support era, devices left behind become ever-growing liabilities. Attackers often target EOL systems aggressively because they know new vulnerabilities won’t be mitigated by vendor patches. Organizations must either migrate, enroll in ESU, or isolate Windows 10 devices aggressively. Conclusion Microsoft’s October 2025 Patch Tuesday delivers crucial updates addressing significant vulnerabilities. Users and administrators are encouraged to review and apply these updates promptly to enhance system security. 🛠️ Recommendations & Mitigations Prioritize Patch Deployment Compensating Controls for Windows 10 Systems Monitor Hypervisor / Cloud Environments Audit Driver and Firmware Dependencies Review and Harden TPM Usage 💡 Gain insights into how to design and implement secure data paths and cross domain strategies that maintain ZERO Trust Get instant FREE access 🔍 Investigate the DNS history of any domain or IP in seconds Complete Break Down of Patch Tuesday Vulnerabilities (Categorized by Severity) 🔴 CRITICAL: CVE-2025-0033 AMD CVE-2025-0033: RMP Corruption During SNP Initialization CVE-2025-59218 Azure Entra ID Elevation of Privilege Vulnerability CVE-2025-59246 Azure Entra ID Elevation of Privilege Vulnerability CVE-2025-55321 Azure Monitor Log Analytics Spoofing Vulnerability CVE-2025-59247 Azure PlayFab Elevation of Privilege Vulnerability CVE-2025-59292 Azure Compute Gallery Elevation of Privilege Vulnerability CVE-2025-59291 Confidential Azure Container Instances Elevation of Privilege Vulnerability CVE-2025-59272 Copilot Spoofing Vulnerability CVE-2025-59252 M365 Copilot Spoofing Vulnerability CVE-2025-59286 Copilot Spoofing Vulnerability CVE-2025-39943 ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer CVE-2025-39907 mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer CVE-2025-49844 Redis Lua Use-After-Free may lead to remote code execution CVE-2025-39898 e1000e: fix heap overflow in e1000_set_eeprom CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler CVE-2025-39910 mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() CVE-2016-9535 MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability CVE-2025-49708 Microsoft Graphics Component Elevation of Privilege Vulnerability CVE-2025-59227 Microsoft Office Remote Code Execution Vulnerability CVE-2025-59234 Microsoft Office Remote Code Execution Vulnerability CVE-2025-59236 Microsoft Excel Remote Code Execution Vulnerability CVE-2025-59271 Redis Enterprise Elevation of Privilege Vulnerability CVE-2025-59287 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability 🟡 IMPORTANT: CVE-2025-55247.NET Elevation of Privilege Vulnerability CVE-2025-55248.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability CVE-2025-59258 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability CVE-2025-24990 Windows Agere Modem Driver Elevation of Privilege Vulnerability CVE-2025-24052 Windows Agere Modem Driver Elevation of Privilege Vulnerability CVE-2025-55315ASP.NET Security Feature Bypass Vulnerability CVE-2025-47989 Azure Connected Machine Agent Elevation of Privilege Vulnerability CVE-2025-58724 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability CVE-2025-55697 Azure Local Elevation of Privilege Vulnerability CVE-2025-59285 Azure Monitor Agent Elevation of Privilege Vulnerability CVE-2025-59494 Azure Monitor Agent Elevation of Privilege Vulnerability CVE-2025-59191 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2025-55326 Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability CVE-2025-58719 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2025-59200 Data Sharing Service Spoofing Vulnerability CVE-2025-59489 MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability CVE-2025-58735 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58732 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-59282 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58733 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58734 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58738 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58731Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58730 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-58736 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability CVE-2025-59295 Windows URL Parsing Remote Code Execution Vulnerability CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task CVE-2025-39952 wifi: wilc1000: avoid buffer overflow in WID string configuration CVE-2023-53469 af_unix: Fix null-ptr-deref in unix_stream_sendpage(). CVE-2025-46817 Lua library commands may lead to integer overflow and potential RCE CVE-2025-39944 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() CVE-2025-10729 Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG CVE-2025-10728 Uncontrolled recursion in Qt SVG module CVE-2025-39901 i40e: remove read access to debugfs files CVE-2025-48004 Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2025-59189 Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2025-55320 Configuration Manager Elevation of Privilege Vulnerability CVE-2025-59213 Configuration Manager Elevation of Privilege Vulnerability CVE-2025-59497 Microsoft Defender for Linux Denial of Service Vulnerability CVE-2025-59248 Microsoft Exchange Server Spoofing Vulnerability CVE-2025-59249 Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2025-53782 Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2025-59260 Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability CVE-2025-59195 Microsoft Graphics Component Denial of Service Vulnerability CVE-2025-59261 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2025-59205 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2025-59229 Microsoft Office Denial of Service Vulnerability CVE-2025-59223 Microsoft Excel Remote Code Execution Vulnerability CVE-2025-59224 Microsoft Excel Remote Code Execution Vulnerability CVE-2025-59225 Microsoft Excel Remote Code Execution Vulnerability lCVE-2025-59232 Microsoft Excel Information Disclosure Vulnerability CVE-2025-59235 Microsoft Excel Information Disclosure Vulnerability CVE-2025-59233 Microsoft Excel Remote Code Execution Vulnerability CVE-2025-59231 Microsoft Excel Remote Code Execution Vulnerability CVE-2025-59243 Microsoft Excel Remote Code Execution Vulnerability CVE-2025-59238 Microsoft PowerPoint Remote Code Execution Vulnerability CVE-2025-59237 Microsoft SharePoint Remote Code Execution Vulnerability CVE-2025-59228 Microsoft SharePoint Remote Code Execution Vulnerability CVE-2025-59226 Microsoft Office Visio Remote Code Execution Vulnerability CVE-2025-59222 Microsoft Word Remote Code Execution Vulnerability CVE-2025-59221Microsoft Word Remote Code Execution Vulnerability CVE-2025-25004 PowerShell Elevation of Privilege Vulnerability CVE-2025-55701 Windows Authentication Elevation of Privilege Vulnerability CVE-2025-54957 MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder CVE-2025-59198 Windows Search Service Denial of Service Vulnerability CVE-2025-59190 Windows Search Service Denial of Service Vulnerability CVE-2025-59253 Windows Search Service Denial of Service Vulnerability CVE-2025-58715 Windows Speech Runtime Elevation of Privilege Vulnerability CVE-2025-58716 Windows Speech Runtime Elevation of Privilege Vulnerability CVE-2025-59201 Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability CVE-2025-55696 NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability CVE-2025-58718 Remote Desktop Client Remote Code Execution Vulnerability Recommended by LinkedIn Understanding Secure Boot and the Certificate Lifecycle Joseph Emerick 1 month ago Understanding TPM 2.0 (Trusted Platform Module): A… Amit Pandey 2 years ago Critical OpenSSH Flaw Discovered Dan Duran 1 year ago CVE-2025-59199 Software Protection Platform (SPP) Elevation of Privilege Vulnerability CVE-2025-59192 Storport.sys Driver Elevation of Privilege Vulnerability CVE-2025-2884 Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation CVE-2025-48813 Virtual Secure Mode Spoofing Vulnerability CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability CVE-2025-54132 GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool CVE-2025-58714 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2025-59242 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2025-59277 Windows Authentication Elevation of Privilege Vulnerability CVE-2025-59278 Windows Authentication Elevation of Privilege Vulnerability CVE-2025-59275 Windows Authentication Elevation of Privilege Vulnerability CVE-2025-55337 Windows BitLocker Security Feature Bypass Vulnerability CVE-2025-55332 Windows BitLocker Security Feature Bypass Vulnerability CVE-2025-55333 Windows BitLocker Security Feature Bypass Vulnerability CVE-2025-55330 Windows BitLocker Security Feature Bypass Vulnerability CVE-2025-55338 Windows BitLocker Security Feature Bypass Vulnerability CVE-2025-55682 Windows BitLocker Security Feature Bypass Vulnerability CVE-2025-59290 Windows Bluetooth Service Elevation of Privilege Vulnerability CVE-2025-58728 Windows Bluetooth Service Elevation of Privilege Vulnerability CVE-2025-59289 Windows Bluetooth Service Elevation of Privilege Vulnerability CVE-2025-55680 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVE-2025-55336 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability CVE-2025-58725 Windows COM+ Event System Service Elevation of Privilege Vulnerability CVE-2025-58727 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2025-59185 NTLM Hash Disclosure Spoofing Vulnerability CVE-2025-59244 NTLM Hash Disclosure Spoofing Vulnerability CVE-2025-58720 Windows Cryptographic Services Information Disclosure Vulnerability CVE-2025-50174 Windows Device Association Broker Service Elevation of Privilege Vulnerability CVE-2025-55677 Windows Device Association Broker Service Elevation of Privilege Vulnerability CVE-2025-53150 Windows Digital Media Elevation of Privilege Vulnerability CVE-2025-50175 Windows Digital Media Elevation of Privilege Vulnerability CVE-2025-55678 DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2025-55698 DirectX Graphics Kernel Denial of Service Vulnerability CVE-2025-58722 Microsoft DWM Core Library Elevation of Privilege Vulnerability CVE-2025-55681 Desktop Windows Manager Elevation of Privilege Vulnerability CVE-2025-59255 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2025-59254 Microsoft DWM Core Library Elevation of Privilege Vulnerability CVE-2025-55692 Windows Error Reporting Service Elevation of Privilege Vulnerability CVE-2025-55694 Windows Error Reporting Service Elevation of Privilege Vulnerability CVE-2025-59197 Windows ETL Channel Information Disclosure Vulnerability CVE-2025-59188 Microsoft Failover Cluster Information Disclosure Vulnerability CVE-2025-47979 Microsoft Failover Cluster Information Disclosure Vulnerability CVE-2025-59214 Microsoft Windows File Explorer Spoofing Vulnerability CVE-2025-58739 Microsoft Windows File Explorer Spoofing Vulnerability CVE-2025-59241 Windows Health and Optimized Experiences Elevation of Privilege Vulnerability CVE-2025-53139 Windows Hello Security Feature Bypass Vulnerability CVE-2025-59184 Storage Spaces Direct Information Disclosure Vulnerability CVE-2025-55328 Windows Hyper-V Elevation of Privilege Vulnerability CVE-2025-55679 Windows Kernel Information Disclosure Vulnerability CVE-2025-55683 Windows Kernel Information Disclosure Vulnerability CVE-2025-59207 Windows Kernel Elevation of Privilege Vulnerability CVE-2025-55334 Windows Kernel Security Feature Bypass Vulnerability CVE-2025-59186 Windows Kernel Information Disclosure Vulnerability CVE-2025-55693 Windows Kernel Elevation of Privilege Vulnerability CVE-2025-59194 Windows Kernel Elevation of Privilege Vulnerability CVE-2025-59187 Windows Kernel Elevation of Privilege Vulnerability CVE-2025-50152 Windows Kernel Elevation of Privilege Vulnerability CVE-2025-55699 Windows Kernel Information Disclosure Vulnerability CVE-2025-58729 Windows Local Session Manager (LSM) Denial of Service Vulnerability CVE-2025-59257 Windows Local Session Manager (LSM) Denial of Service Vulnerability CVE-2025-59259 Windows Local Session Manager (LSM) Denial of Service Vulnerability CVE-2025-59193 Windows Management Services Elevation of Privilege Vulnerability CVE-2025-59204 Windows Management Services Information Disclosure Vulnerability CVE-2025-59208 Windows MapUrlToZone Information Disclosure Vulnerability CVE-2025-55339 Windows Network Driver Interface Specification Driver Elevation of Privilege Vulnerability CVE-2025-55335 Windows NTFS Elevation of Privilege Vulnerability CVE-2025-59284 Windows NTLM Spoofing Vulnerability CVE-2025-55331 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55689 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55685 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55686 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55690 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55684 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55688 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-55691 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability CVE-2025-59209 Windows Push Notification Information Disclosure Vulnerability CVE-2025-59211 Windows Push Notification Information Disclosure Vulnerability CVE-2025-59230 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVE-2025-58737 Remote Desktop Protocol Remote Code Execution Vulnerability CVE-2025-55340 Windows Remote Desktop Protocol Security Feature Bypass CVE-2025-59202 Windows Remote Desktop Services Elevation of Privilege Vulnerability CVE-2025-59502 Remote Procedure Call Denial of Service Vulnerability CVE-2025-59210 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability CVE-2025-59206 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability CVE-2025-58717 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVE-2025-55700 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability CVE-2025-47827 MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 CVE-2025-59280 Windows SMB Client Tampering Vulnerability CVE-2025-58726 Windows SMB Server Elevation of Privilege Vulnerability CVE-2025-59196 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability CVE-2025-59203 Windows State Repository API Server File Information Disclosure Vulnerability CVE-2025-55325Windows Storage Management Provider Information Disclosure Vulnerability CVE-2025-59294 Windows Taskbar Live Preview Information Disclosure Vulnerability CVE-2025-55676 Windows USB Video Class System Driver Information Disclosure Vulnerability CVE-2025-53717 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability CVE-2025-55695 Windows WLAN AutoConfig Service Information Disclosure Vulnerability CVE-2025-53768 Xbox IStorageService Elevation of Privilege Vulnerability CVE-2025-59281 Xbox Gaming Services Elevation of Privilege Vulnerability 🟢 MODERATE: CVE-2025-59288 Playwright Spoofing Vulnerability CVE-2025-39946 tls: make sure to abort the stream if headers are bogus CVE-2025-39942 ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size CVE-2025-39951 um: virtio_uml: Fix use-after-free after put_device in probe CVE-2025-39932 smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) CVE-2025-39949 qed: Don't collect too many protection override GRC elements CVE-2025-39937 net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer CVE-2025-39955 tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). CVE-2025-39895 sched: Fix sched_numa_find_nth_cpu() if mask offline CVE-2025-11413 GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds CVE-2025-11414 GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds CVE-2025-39938 ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed CVE-2025-11495 GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow CVE-2025-39934 drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ CVE-2025-39929 smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path CVE-2025-39913 tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. CVE-2025-39940 dm-stripe: fix a possible integer overflow CVE-2025-39953 cgroup: split cgroup_destroy_wq into 3 workqueues CVE-2025-39914 tracing: Silence warning when chunk allocation fails in trace_pid_write CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver CVE-2025-39920 pcmcia: Add error handling for add_interval() in do_validate_mem() CVE-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user CVE-2022-50502 mm: /proc/pid/smaps_rollup: fix no vma's null-deref CVE-2025-11234 Qemu-kvm: vnc websocket handshake use-after-free CVE-2025-39961 iommu/amd/pgtbl: Fix possible race while increase page table level CVE-2025-46819 Redis is vulnerable to DoS via specially crafted LUA scripts CVE-2025-37727 Elasticsearch Insertion of sensitive information in log file CVE-2025-11412 GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds CVE-2025-39931 crypto: af_alg - Set merge to zero early in af_alg_sendmsg CVE-2025-39933 smb: client: let recv_done verify data_offset, data_length and remaining_data_length CVE-2025-39947 net/mlx5e: Harden uplink netdev access against device unbind CVE-2025-39916 mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() CVE-2025-39902 mm/slub: avoid accessing metadata when pointer is invalid in object_err() CVE-2025-39923 dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees CVE-2025-39891 wifi: mwifiex: Initialize the chan_stats array to zero CVE-2025-39927 ceph: fix race condition validating r_parent before applying state CVE-2025-39909 mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() ⚪️ LOW: CVE-2025-39911 i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path CVE-2025-39958 iommu/s390: Make attach succeed when the device was surprise removed CVE-2025-39957 wifi: mac80211: increase scan_ies_len for S1G CVE-2025-61984 ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) CVE-2025-61985 ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. CVE-2025-55687 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability ⚫️ UNKNOWN CVE-2025-11213 Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox CVE-2025-11210 Chromium: CVE-2025-11210 Side-channel information leakage in Tab CVE-2025-11460 Chromium: CVE-2025-11460 Use after free in Storage CVE-2025-11458 Chromium: CVE-2025-11458 Heap buffer overflow in Sync CVE-2025-11215 Chromium: CVE-2025-11215 Off by one error in V8 CVE-2025-11216 Chromium: CVE-2025-11216 Inappropriate implementation in Storage CVE-2025-11208 Chromium: CVE-2025-11208 Inappropriate implementation in Media CVE-2025-11212 Chromium: CVE-2025-11212 Inappropriate implementation in Media CVE-2025-11211 Chromium: CVE-2025-11211 Out of bounds read in Media CVE-2025-11205 Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU CVE-2025-11207 Chromium: CVE-2025-11207 Side-channel information leakage in Storage CVE-2025-11209 Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox CVE-2025-11206 Chromium: CVE-2025-11206 Heap buffer overflow in Video CVE-2025-11219 Chromium: CVE-2025-11219 Use after free in V8