CVE-2022-49978 fbdev: fb_pm2fb: Avoid potential divide by zero error

In the Linux kernel, the following vulnerability has been resolved: fbdev: fbpm2fb: Avoid potential divide by zero error In dofbioctl of fbmem.c, if cmd is FBIOPUTVSCREENINFO, var will be copied from user, then go through fbsetvar and info-fbops-fbcheckvar which could may be pm2fbcheckvar. Along...

CVE-2025-38057 espintcp: fix skb leaks

In the Linux kernel, the following vulnerability has been resolved: espintcp: fix skb leaks A few error paths are missing a kfreeskb...

CVE-2025-38034 btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref

In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelimref arguments in btrfsprelimref btrfsprelimref calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref is passed as NULL to...

CVE-2025-38028 NFS/localio: Fix a race in nfs_local_open_fh()

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fix a race in nfslocalopenfh Once the clp-cluuid.lock has been dropped, another CPU could come in and free the struct nfsdfile that was just added. To prevent that from happening, take the RCU read lock before droppi...

CVE-2025-38006

CVE-2025-38006 affects the Linux kernel MCTP path: in net/mctp, mctp_dump_addrinfo may read uninitialized memory from ifaddrmsg when filtering by ifa_index if the struct isaddrmsg is not provided. This can occur during certain netlink dumps (e.g., from syzkaller/busybox ip addr show). The issue i...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A validation check for zero numsubauth is added before accessing subauth. Accessing psid-subauthpsid-numsubauth - 1 without checking whether numsubauth is non-zero can lead to an out-of-bounds read. This patch adds a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: Do not issue a warning if iocg was already offline. In iocgpaydebt, a warning is triggered if ‘activelist’ is empty. This is intended to confirm that iocg is active when it has debts. However, a warning can still be...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net: lan743x: Fixed the memory leak issue when GSO is enabled. The skb has always been mapped to the LS descriptor. Previously, the skb was mapped to the EXT descriptor when the number of fragments was zero and GSO was enabled...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Access to buffers is protected when there are no active references to them. The function nilfslookupdirtydatabuffers iterates through buffers attached to dirty data folios/pages. It accesses these attached buffers without...

CVE-2025-37996

The CVE-2025-37996 entry concerns the Linux kernel KVM/arm64 path where an uninitialized local memcache pointer in user_mem_abort() could be used via kvm_pgtable_stage2_map(). The underlying cause was partial initialization introduced by a prior commit, leaving a codepath that could fail on stage...

CVE-2025-37994 usb: typec: ucsi: displayport: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...

CVE-2025-37975 riscv: module: Fix out-of-bounds relocation access

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows relj to access one element past the end of the relocation section. Simplify to numrelocations which is equivalent to the existing size expression...

CVE-2025-37976

...

CVE-2025-37971 staging: bcm2835-camera: Initialise dev in v4l2_dev

In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2dev Commit 42a2f6664e18 "staging: vc04services: Move global gstate to vchiqstate" changed mmalinit to pass dev-v4l2dev.dev to vchiqmmalinit, however nothing iniitialised dev-v4l2dev,...

DEBIAN-CVE-2025-37945

In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsaswitchsuspend and dsaswitchresume from their device PM ops: qca8k-8xxx, bcmsf2, microchip ksz...

CVE-2025-37904

CVE-2025-37904 affects the Linux kernel (btrfs) where a bug in btrfs_iget() can leak an inode if btrfs_alloc_path() fails, leaving a busy inode and triggering a kernel BUG in fs/super.c during unmount. The root cause is failure to release the previously allocated inode when btrfs_alloc_path() fai...

DEBIAN-CVE-2025-37863

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

CVE-2025-37850 pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()

In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwmmediatekconfig With CONFIGCOMPILETEST && !CONFIGHAVECLK, pwmmediatekconfig has a divide-by-zero in the following line: dodivresolution, clkgetratepc-clkpwmspwm-hwpwm; due to the fact th...

CVE-2025-37802

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21948)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21948 advisory. - In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL...