CVE-2025-68249 most: usb: hdm_probe: Fix calling put_device() before device initialization

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

CVE-2025-68249 most: usb: hdm_probe: Fix calling put_device() before device initialization

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

CVE-2025-68249

CVE-2025-68249 refers to a pre-initialization bug in the Linux kernel within the usb/hub driver path (hdm_probe). The error path could jump to err_free_mdev before mdev->dev is initialized, leading to a WARN when calling put_device() on an uninitialized device and potentially triggering improp...

CVE-2025-68224

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-68222

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32pinctrldesc s32pinctrldesc is allocated with devmkmalloc, but not all of its fields are initialized. Notably, numcustomparams is used in pinconfgenericparsedtconfig, resulting in...

CVE-2025-68168

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

CVE-2025-68224

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-68225

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: check if KHO is enabled We must check whether KHO is enabled prior to issuing KHO commands, otherwise KHO internal data structures are not initialized...

CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

CVE-2025-68168

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

UBUNTU-CVE-2025-68168

In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...

UBUNTU-CVE-2025-68225

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: check if KHO is enabled We must check whether KHO is enabled prior to issuing KHO commands, otherwise KHO internal data structures are not initialized...

CVE-2025-68225 lib/test_kho: check if KHO is enabled

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: check if KHO is enabled We must check whether KHO is enabled prior to issuing KHO commands, otherwise KHO internal data structures are not initialized...

CVE-2025-68224

CVE-2025-68224 is rejected/not used as stated in the Initial Description.

CVE-2025-68224

...

CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...

CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32pinctrldesc s32pinctrldesc is allocated with devmkmalloc, but not all of its fields are initialized. Notably, numcustomparams is used in pinconfgenericparsedtconfig, resulting in...

CVE-2025-68213 idpf: fix possible vport_config NULL pointer deref in remove

In the Linux kernel, the following vulnerability has been resolved: idpf: fix possible vportconfig NULL pointer deref in remove Attempting to remove the driver will cause a crash in cases where the vport failed to initialize. Following trace is from an instance where the driver failed during an...

CVE-2025-68213

CVE-2025-68213: Linux kernel idpf driver vulnerability where remove() may dereference a NULL vport_config if vport initialization failed, causing a kernel crash during device removal. Mitigation implemented by adding a NULL pointer check for vport_config[i] before freeing user_config.q_coalesce. ...

CVE-2025-68213 idpf: fix possible vport_config NULL pointer deref in remove

In the Linux kernel, the following vulnerability has been resolved: idpf: fix possible vportconfig NULL pointer deref in remove Attempting to remove the driver will cause a crash in cases where the vport failed to initialize. Following trace is from an instance where the driver failed during an...