CVE-2022-49888

CVE-2022-49888 affects the ARM64 Linux kernel entry path. The Cortex-A76 erratum workaround (cortex_a76_erratum_1463225_debug_handler) was not inlined due to a patch, allowing a kprobe to probe the function and potentially trigger recursive exceptions and a stack overflow when a probed function e...

CVE-2022-49877

CVE-2022-49877 concerns a Linux kernel vulnerability resolved by a change in the BPF sockmap code. The issue manifests as a warning from sk_stream_kill_queues concerning sk_forward_alloc during test_sockmap selftests. The root cause was a mistaken use of msg->sg.size to replace the tosend valu...

CVE-2022-49859 net: lapbether: fix issue of invalid opcode in lapbeth_open()

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: fix issue of invalid opcode in lapbethopen If lapbregister failed when lapb device goes to up for the first time, the NAPI is not disabled. As a result, the invalid opcode issue is reported when the lapb device go...

CVE-2022-49789 scsi: zfcp: Fix double free of FSF request when qdio send fails

In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcpfsfreqsend' to cache the FSF request ID when sending a new FSF request. This is used in case the sending fails and w...

CVE-2022-49764 bpf: Prevent bpf program recursion for raw tracepoint probes

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

CVE-2025-37756

In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us a long time ago...

CVE-2025-23149

In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPMCHIPFLAGSUSPENDED after the call to tpmfindgetops can lead to a spurious tpmchipstart call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU: 0 PID: 74 ...

CVE-2025-23139

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-23139

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-37795

CVE-2025-37795 is rejected/not used per the CVE entry; not an active vulnerability.

CVE-2025-37793

CVE-2025-37793 affects the Linux kernel ASoC: Intel avs driver. The vulnerability arises when avs_component_probe() dereferences a NULL from devm_kasprintf() if memory allocation fails, leading to a NULL pointer dereference. A fix was implemented in the kernel to check for NULL from devm_kasprint...

CVE-2025-37790 net: mctp: Set SOCK_RCU_FREE

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCKRCUFREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup...

CVE-2025-37789 net: openvswitch: fix nested key length validation in the set() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check that the attribute is OK first...

CVE-2025-37778

CVE-2025-37778 affects the Linux kernel’s ksmbd/kerberos path. The issue is a dangling pointer in krb_authenticate: it frees sess->user and may not null it; ksmbd_krb5_authenticate reinitialises sess->user, but may return without doing so, causing smb2_sess_setup to access freed memory. The...

CVE-2025-37772 RDMA/cma: Fix workqueue crash in cma_netevent_work_handler

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member "struct workstruct network" that is reused for enqueuing cmaneteventworkhandlers onto cmawq. Below crash1 can occur if more than one call to...

CVE-2025-37770

CVE-2025-37770 affects the Linux kernel (drm/amd/pm): if a user sets a speed value greater than UINT_MAX/8, a division by zero is possible. The issue is exploitable locally with low privileges and no user interaction required. The vulnerability was identified by the Linux Verification Center (SVA...

CVE-2025-37769 drm/amd/pm/smu11: Prevent division by zero

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm/smu11: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE. cherry picked from...

CVE-2025-37746 perf/dwc_pcie: fix duplicate pci_dev devices

In the Linux kernel, the following vulnerability has been resolved: perf/dwcpcie: fix duplicate pcidev devices During platformdeviceregister, wrongly using struct device pcidev as platformdata caused a kmemdup copy of pcidev. Worse still, accessing the duplicated device leads to list corruption a...

CVE-2025-37743 wifi: ath12k: Avoid memory leak while enabling statistics

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid memory leak while enabling statistics Driver uses monitor destination rings for extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the buffer received from...

PT-2025-18569

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A security issue has been identified in the Linux kernel, specifically related to the riscv process, where the s12 array in thread struct may contain random kernel memory content. This...