CVE-2025-37976

...

CVE-2025-37971 staging: bcm2835-camera: Initialise dev in v4l2_dev

In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2dev Commit 42a2f6664e18 "staging: vc04services: Move global gstate to vchiqstate" changed mmalinit to pass dev-v4l2dev.dev to vchiqmmalinit, however nothing iniitialised dev-v4l2dev,...

DEBIAN-CVE-2025-37945

In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsaswitchsuspend and dsaswitchresume from their device PM ops: qca8k-8xxx, bcmsf2, microchip ksz...

CVE-2025-37904

CVE-2025-37904 affects the Linux kernel (btrfs) where a bug in btrfs_iget() can leak an inode if btrfs_alloc_path() fails, leaving a busy inode and triggering a kernel BUG in fs/super.c during unmount. The root cause is failure to release the previously allocated inode when btrfs_alloc_path() fai...

DEBIAN-CVE-2025-37863

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

CVE-2025-37850 pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()

In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwmmediatekconfig With CONFIGCOMPILETEST && !CONFIGHAVECLK, pwmmediatekconfig has a divide-by-zero in the following line: dodivresolution, clkgetratepc-clkpwmspwm-hwpwm; due to the fact th...

CVE-2025-37802

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21948)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21948 advisory. - In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL...

SUSE CVE-2023-53067

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Only call gettimerirq once in constantclockeventinit Under CONFIGDEBUGATOMICSLEEP=y and CONFIGDEBUGPREEMPT=y, we can see the following messages on LoongArch, this is because using mightsleep in preemption disable...

CVE-2023-53122

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2023-53140

The CVE-2023-53140 issue affects the Linux kernel SCSI core: the /proc/scsi/${proc_name} directory is now removed earlier to fix a race between module unload/reload. This resolves a memory-leak/ordering problem introduced in 2009 and suppresses a proc_dir_entry warning for scsi_debug. Connected a...

PT-2025-18844 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to a missing overflow check in xdp umem reg, which can cause the number of chunks to overflow u32. This...

UBUNTU-CVE-2022-49870

In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in...

CVE-2022-49851 riscv: fix reserved memory setup

In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using ofreservedmemlookup, the pointer to reserved...

CVE-2022-49827 drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()

In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref in drmvblankdestroyworker drmvblankinit call drmmaddactionorreset with drmvblankinitrelease as action. If drmmaddaction failed, will directly call drmvblankinitrelease with the vblank whose worke...

CVE-2022-49820 mctp i2c: don't count unused / invalid keys for flow release

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...

CVE-2022-49796

The CVE-2022-49796 issue affects the Linux kernel tracing/kprobe path. It concerns a potential NULL pointer dereference in trace_array if test_gen_kprobe_cmd() fails after kprobe_event_gen_cmd_end(), where gen_kretprobe_test could reference an invalid trace_array after kprobe_event_delete(). The ...

CVE-2022-49772 ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Drop sndBUGON from sndusbmidioutputopen sndusbmidioutputopen has a check of the NULL port with sndBUGON. sndBUGON was used as this shouldn't have happened, but in reality, the NULL port may be seen when the devic...

CVE-2025-37791 ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()

In the Linux kernel, the following vulnerability has been resolved: ethtool: cmiscdb: use correct rpl size in ethtoolcmismodulepoll rpl is passed as a pointer to ethtoolcmismodulepoll, so the correct size of rpl is sizeofrpl which should be just 1 byte. Using the pointer size instead can cause...

SUSE CVE-2025-39755

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix cb7210 pcmcia Oops The pcmciadriver struct was still only using the old .name initialization in the drv field. This led to a NULL pointer deref Oops in strcmp called from pcmciaregisterdriver. Initialize the...