ROS-20251017-01

Vulnerability of mienumattr function of fs/ntfs3 component of Linux kernel is related to buffer copying without input data verification. Exploitation of the vulnerability allows an intruder to gain access to confidential data, violate its integrity, and cause a denial of service. Vulnerability of...

CVE-2025-38404

CVE-2025-38404 affects the Linux kernel USB Type-C/displayport subsystem. The issue is a potential deadlock caused by recursive locking of cros_typec_altmode_data::mutex when a mutex-protected path calls typec_altmode_exit() from within the same context. The documented fix defers the typec_altmod...

CVE-2025-37994 usb: typec: ucsi: displayport: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...

CVE-2025-37994

CVE-2025-37994 affects the Linux kernel driver path usb: typec: ucsi: displayport. The root cause is a NULL pointer access in ucsi_displayport_work handling. A patch was applied to ensure the UCSI driver waits for all pending tasks in the ucsi_displayport_work queue to finish before partner remov...

CVE-2025-37967

CVE-2025-37967 affects the Linux kernel USB Type-C UCSI driver (displayport) and fixes a deadlock when handling DP Alt Mode. The patch adds ucsi_con_mutex_lock and ucsi_con_mutex_unlock so the connector mutex is only acquired when a connection exists and the partner pointer is valid, preventing a...