CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22076 – exfat: fix missing shutdown check
https://notcve.org/view.php?id=CVE-2025-22076
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: exfat: fix missing shutdown check xfstests generic/730 test failed because after deleting the device that still had dirty data, the file could still be read without returning an error. In the Linux kernel, the following vulnerability has been resolved: exfat: fix missing shutdown check xfstests generic/730 test failed because after deleting the device that still had dirty data, the file could still be read without returning an... • https://git.kernel.org/stable/c/f761fcdd289d07e8547fef7ac76c3760fc7803f2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-22075 – rtnetlink: Allocate vfinfo size for VF GUIDs when supported
https://notcve.org/view.php?id=CVE-2025-22075
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Allocate vfinfo size for VF GUIDs when supported Commit 30aad41721e0 ("net/core: Add support for getting VF GUIDs") added support for getting VF port and node GUIDs in netlink ifinfo messages, but their size was not taken into consideration in the function that allocates the netlink message, causing the following warning when a netlink message is filled with many VF port and node GUIDs: # echo 64 > /sys/bus/pci/devices/000... • https://git.kernel.org/stable/c/30aad41721e087babcf27c5192474724d555936c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-22074 – ksmbd: fix r_count dec/increment mismatch
https://notcve.org/view.php?id=CVE-2025-22074
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix r_count dec/increment mismatch r_count is only increased when there is an oplock break wait, so r_count inc/decrement are not paired. ... In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix r_count dec/increment mismatch r_count is only increased when there is an oplock break wait, so r_count inc/decrement are not paired. • https://git.kernel.org/stable/c/09aeab68033161cb54f194da93e51a11aee6144b •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-22073 – spufs: fix a leak on spufs_new_file() failure
https://notcve.org/view.php?id=CVE-2025-22073
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufs_new_file() failure It's called from spufs_fill_dir(), and caller of that will do spufs_rmdir() in case of failure. ... In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufs_new_file() failure It's called from spufs_fill_dir(), and caller of that will do spufs_rmdir() in case of failure. • https://git.kernel.org/stable/c/3f51dd91c80746a5cf76f8c4a77bfc88aa82bb9e •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-22072 – spufs: fix gang directory lifetimes
https://notcve.org/view.php?id=CVE-2025-22072
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "[POWERPC] spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets closed, but if somebody has created a context belonging to that gang and kept it alive until the gang got closed, removal failed and we ended up with a leak. In the Linux kernel, the following vulnerabi... • https://git.kernel.org/stable/c/877907d37da9694a34adc9dc3e2ce09400148cb5 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-22071 – spufs: fix a leak in spufs_create_context()
https://notcve.org/view.php?id=CVE-2025-22071
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufs_create_context() Leak fixes back in 2008 missed one case - if we are trying to set affinity and spufs_mkdir() fails, we need to drop the reference to neighbor. In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufs_create_context() Leak fixes back in 2008 missed one case - if we are trying to set affinity and spufs_mkdir() fails, we need to drop the reference t... • https://git.kernel.org/stable/c/58119068cb27ef7513f80aff44b62a3a8f40ef5f •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22070 – fs/9p: fix NULL pointer dereference on mkdir
https://notcve.org/view.php?id=CVE-2025-22070
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx parentdir then creating a subdirectory crashed 9p client, as v9fs_fid_add() call in function v9fs_vfs_mkdir_dotl() sets the passed 'fid' pointer to NULL (since dafbe689736) even though the subsequent v9fs_set_create_acl() call expects... • https://git.kernel.org/stable/c/dafbe689736f62c696ac64809b17bdc752cfbe76 •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22069 – riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler
https://notcve.org/view.php?id=CVE-2025-22069
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler Naresh Kamboju reported a "Bad frame pointer" kernel warning while running LTP trace ftrace_stress_test.sh in riscv. In the Linux kernel, the following vulnerability has been resolved: riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler Naresh Kamboju reported a "Bad frame pointer" kerne... • https://git.kernel.org/stable/c/a3ed4157b7d89800a0008de0c9e46a438a5c3745 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22068 – ublk: make sure ubq->canceling is set when queue is frozen
https://notcve.org/view.php?id=CVE-2025-22068
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq->canceling is set when queue is frozen Now ublk driver depends on `ubq->canceling` for deciding if the request can be dispatched via uring_cmd & io_uring_cmd_complete_in_task(). In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq->canceling is set when queue is frozen Now ublk driver depends on `ubq->canceling` for deciding if the request can be dispatched via uring_cmd &... • https://git.kernel.org/stable/c/216c8f5ef0f209a3797292c487bdaa6991ab4b92 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22067 – spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock()
https://notcve.org/view.php?id=CVE-2025-22067
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock() If requested_clk > 128, cdns_mrvl_xspi_setup_clock() iterates over the entire cdns_mrvl_xspi_clk_div_list array without breaking out early, causing 'i' to go beyond the array bounds. ... Fixes the following warning with an UBSAN kernel: vmlinux.o: warning: objtool: cdns_mrvl_xspi_setup_clock: unexpected end of section .text.cdns_mrvl_xspi_setup_clock In the ... • https://git.kernel.org/stable/c/26d34fdc49712ddbd42b11102f5d9d78a0f42097 •