4827 matches found
CVE-2025-22033
In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...
UBUNTU-CVE-2025-22050
In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...
CVE-2025-23130 f2fs: fix to avoid panic once fallocation fails for pinfile
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic once fallocation fails for pinfile syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2746! CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted...
CVE-2025-22102
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip sends out only 1...
CVE-2025-22102 Bluetooth: btnxpuart: Fix kernel panic during FW release
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip sends out only 1...
CVE-2025-22102 Bluetooth: btnxpuart: Fix kernel panic during FW release
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix kernel panic during FW release This fixes a kernel panic seen during release FW in a stress test scenario where WLAN and BT FW download occurs simultaneously, and due to a HW bug, chip sends out only 1...
CVE-2025-22102
The CVE-2025-22102 vulnerability concerns the Linux kernel Bluetooth btnxpuart driver. During firmware release, a hardware defect can cause only one bootloader signature to be sent; the driver waits for consecutive signatures, leading to a timeout and a release_firmware call that can trigger a ke...
CVE-2025-22095 PCI: brcmstb: Fix error path after a call to regulator_bulk_get()
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulatorbulkget If the regulatorbulkget returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to...
CVE-2025-22095 PCI: brcmstb: Fix error path after a call to regulator_bulk_get()
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulatorbulkget If the regulatorbulkget returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to...
CVE-2025-22095
CVE-2025-22095 pertains to the Linux kernel PCI subsystem (brcmstb) and fixes an error path in regulator_bulk_get() handling. If regulator_bulk_get() returns an error and no regulators are created, the kernel previously did not set the regulator count to zero, which could cause a kernel panic whe...
CVE-2025-22094
In CVE-2025-22094, the Linux kernel powerpc/perf PMU named vpa_pmu had no ownership assignment, allowing the module to be unloaded while perf events were active and potentially causing a NULL-pointer dereference and kernel panic on Pseries-LPAR. The fix adds module ownership to vpa_pmu so it is r...
CVE-2025-22094 powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpapmu' Commit 176cda0619b6 "powerpc/perf: Add perf interface to expose vpa counters" introduced 'vpapmu' to expose Book3s-HV nested APIv2 provided L1L2 context switch latency counters t...
CVE-2025-22094 powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpapmu' Commit 176cda0619b6 "powerpc/perf: Add perf interface to expose vpa counters" introduced 'vpapmu' to expose Book3s-HV nested APIv2 provided L1L2 context switch latency counters t...
CVE-2025-22050 usbnet:fix NPE during rx_complete
In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...
CVE-2025-22050
The CVE-2025-22050 entry concerns the Linux kernel USB networking path. A race between usb_submit_urb and __usbnet_queue_skb occurs due to a missing usbnet_going_away check in usb_submit_urb, while __usbnet_queue_skb performs this validation. This can let a URB proceed while the corresponding SKB...
CVE-2025-22032 wifi: mt76: mt7921: fix kernel panic due to null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix kernel panic due to null pointer dereference Address a kernel panic caused by a null pointer dereference in the mt792xrxgetwcid function. The issue arises because the deflink structure is not properly...
CVE-2025-22032 wifi: mt76: mt7921: fix kernel panic due to null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix kernel panic due to null pointer dereference Address a kernel panic caused by a null pointer dereference in the mt792xrxgetwcid function. The issue arises because the deflink structure is not properly...
CVE-2025-22033 arm64: Don't call NULL in do_compat_alignment_fixup()
In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...
CVE-2025-22032
CVE-2025-22032 affects the Linux kernel wifi driver (mt76/mt7921). The vulnerability stems from mt792x_rx_get_wcid dereferencing an uninitialized deflink because it isn’t correctly linked to the sta context, causing a kernel NULL pointer dereference and a subsequent panic. A patch fixes the linka...
CVE-2025-22033 arm64: Don't call NULL in do_compat_alignment_fixup()
In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...