CVE-2025-68318

In CVE-2025-68318, the Linux kernel TH1520 ARM device shows a vulnerability where the AXI crossbar gating causes bus timeouts and possible system hang due to improper AXI clock gating. The fix sets all TH1520-AXI clocks to CLK_IS_CRITICAL (gates remain locked on reset) and migrates remaining CLK_...

CVE-2025-68318 clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL

In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLKISCRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set all AXI clock gates to...

CVE-2025-68318 clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL

In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLKISCRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set all AXI clock gates to...

EUVD-2025-203681

In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...

EUVD-2025-203724

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

EUVD-2025-203641

In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proceed with NULL clock pointers. The current logic uses !PTRERRORZEROcpuc...

CVE-2025-68215

In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...

CVE-2025-68172

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

CVE-2025-40346

In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proceed with NULL clock pointers. The current logic uses !PTRERRORZEROcpuc...

CVE-2025-68172

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68215

In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...

CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

CVE-2025-40346

In the Linux kernel, the following vulnerability has been resolved: archtopology: Fix incorrect error check in topologyparsecpucapacity Fix incorrect use of PTRERRORZERO in topologyparsecpucapacity which causes the code to proceed with NULL clock pointers. The current logic uses !PTRERRORZEROcpuc...

UBUNTU-CVE-2025-68215

In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...

UBUNTU-CVE-2025-68172

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68215 ice: fix PTP cleanup on driver removal in error path

In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...

CVE-2025-68172

CVE-2025-68172: Linux kernel crypto: aspeed driver double-free due to manual clock cleanup. Root cause: clock obtained via devm_clk_get_enabled() is managed by devres and cleanup is handled on detach; manual clk_disable_unprepare() in error path and in remove path caused a double free. Mitigation...

CVE-2025-68172 crypto: aspeed - fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68172 crypto: aspeed - fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...