CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-38264 – nvme-tcp: sanitize request list handling
https://notcve.org/view.php?id=CVE-2025-38264
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing. • https://git.kernel.org/stable/c/78a4adcd3fedb0728436e8094848ebf4c6bae006 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38263 – bcache: fix NULL pointer in cache_set_flush()
https://notcve.org/view.php?id=CVE-2025-38263
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: bcache: fix NULL pointer in cache_set_flush() 1. • https://git.kernel.org/stable/c/c4f5e7e417034b05f5d2f5fa9a872db897da69bd •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38262 – tty: serial: uartlite: register uart driver in init
https://notcve.org/view.php?id=CVE-2025-38262
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. • https://git.kernel.org/stable/c/6db06aaea07bb7c8e33a425cf7b98bf29ee6056e •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38261 – riscv: save the SR_SUM status over switches
https://notcve.org/view.php?id=CVE-2025-38261
09 Jul 2025 — The issue was seen under heavy load especially with the syz-stress tool running, with crashes as follows in schedule_tail: Unable to handle kernel access to user memory without uaccess routines at virtual address 000000002749f0d0 Oops [#1] Modules linked in: CPU: 1 PID: 4875 Comm: syz-executor.0 Not tainted 5.12.0-rc2-syzkaller-00467-g0d7588ab9ef9 #0 Hardware name: riscv-virtio,qemu (DT) epc : schedule_tail+0x72/0xb2 kernel/sched/core.c:4264 ra : task_pid_vnr include/linux/sched.h:1421 [inline] ra : ... • https://git.kernel.org/stable/c/69ea599a8dab93a620c92c255be4239a06290a77 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38260 – btrfs: handle csum tree error with rescue=ibadroots correctly
https://notcve.org/view.php?id=CVE-2025-38260
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly [BUG] There is syzbot based reproducer that can crash the kernel, with the following call trace: (With some debug output added) DEBUG: rescue=ibadroots parsed BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by repro (1010) BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 BTRFS info ... • https://git.kernel.org/stable/c/abed4aaae4f71a7bcdbe90a65319b6e772a2689d •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38259 – ASoC: codecs: wcd9335: Fix missing free of regulator supplies
https://notcve.org/view.php?id=CVE-2025-38259
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator supplies in probe path (wcd9335_parse_dt() and wcd9335_power_on_reset()), but does not cleanup in final error paths and in unbind (missing remove() callback). • https://git.kernel.org/stable/c/20aedafdf4926e7a957f8b302a18c8fb75c7e332 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-38258 – mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write
https://notcve.org/view.php?id=CVE-2025-38258
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write memcg_path_store() assigns a newly allocated memory buffer to filter->memcg_path, without deallocating the previously allocated and assigned memory buffer. • https://git.kernel.org/stable/c/7ee161f18b5da5170b5d6a51aace49d312099128 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38257 – s390/pkey: Prevent overflow in size calculation for memdup_user()
https://notcve.org/view.php?id=CVE-2025-38257
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdup_user() Number of apqn target list entries contained in 'nr_apqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size passed to memdup_user() may overflow. ... Found by Linux Verification Center (linuxtesting.org). • https://git.kernel.org/stable/c/f2bbc96e7cfad3891b7bf9bd3e566b9b7ab4553d •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-38256 – io_uring/rsrc: fix folio unpinning
https://notcve.org/view.php?id=CVE-2025-38256
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: fix folio unpinning syzbot complains about an unmapping failure: [ 108.070381][ T14] kernel BUG at mm/gup.c:71! • https://git.kernel.org/stable/c/a8edbb424b1391b077407c75d8f5d2ede77aa70d •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-38255 – lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly()
https://notcve.org/view.php?id=CVE-2025-38255
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() While testing null_blk with configfs, echo 0 > poll_queues will trigger following panic: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 27 UID: 0 PID: 920 Comm: bash Not tainted 6.15.0-02023-gadbdb95c8696-dirty #1238 PREEMPT(undef) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2... • https://git.kernel.org/stable/c/6a6dcae8f486c3f3298d0767d34505121c7b0b81 •