CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

June 26, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild.
The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible

Source: Read More

Previous ArticleNew FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

Next Article How Questing Quokka (25.10) Ushers a New Era of Rust-Based Tools

Highlights

CVE-2025-37815 – “Microchip PCI1xxxx Linux Kernel IRQ Handler Registration Vulnerability”

May 8, 2025

CVE ID : CVE-2025-37815

Published : May 8, 2025, 7:15 a.m. | 58 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration

Resolve kernel panic while accessing IRQ handler associated with the
generated IRQ. This is done by acquiring the spinlock and storing the
current interrupt state before handling the interrupt request using
generic_handle_irq.

A previous fix patch was submitted where ‘generic_handle_irq’ was
replaced with ‘handle_nested_irq’. However, this change also causes
the kernel panic where after determining which GPIO triggered the
interrupt and attempting to call handle_nested_irq with the mapped
IRQ number, leads to a failure in locating the registered handler.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

GPT-5 is Coming: Revolutionizing Software Testing

Win the Accessibility Game: Combining AI with Human Judgment

I’ve been using the next-gen update to the world’s most popular esports gaming mouse, and everything has changed — except for the design

CVE-2025-6503 – Code-projects Inventory Management System SQL Injection

CVE-2025-49576 – Citizen is a MediaWiki skin that makes extensions

I like SteelSeries’ tiniest high performance gaming keyboard, but it’s not the only great magnetic option

CVE-2025-37815 – “Microchip PCI1xxxx Linux Kernel IRQ Handler Registration Vulnerability”

Natasha Lyonne to Direct AI-Powered Sci-Fi Film That Could Redefine Hollywood

Rethinking Research Reporting: A 5-Step Guide for UXRs

Scale generative AI use cases, Part 1: Multi-tenant hub and spoke architecture using AWS Transit Gateway

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

Related Posts