CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38511 – drm/xe/pf: Clear all LMTT pages on alloc
https://notcve.org/view.php?id=CVE-2025-38511
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might leave some stale data that could either point to some other VFs allocations or even to the PF pages. Explicitly clear all new LMTT page to avoid the risk that a malicious VF would try to exploit that gap. While aro... • https://git.kernel.org/stable/c/b1d20405821812ad70d95eefe58cadc6d50b0917 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38510 – kasan: remove kasan_find_vm_area() to prevent possible deadlock
https://notcve.org/view.php?id=CVE-2025-38510
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: kasan: remove kasan_find_vm_area() to prevent possible deadlock find_vm_area() couldn't be called in atomic_context. If find_vm_area() is called to reports vm area information, kasan can trigger deadlock like: CPU0 CPU1 vmalloc(); alloc_vmap_area(); spin_lock(&vn->busy.lock) spin_lock_bh(&some_lock);
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38509 – wifi: mac80211: reject VHT opmode for unsupported channel widths
https://notcve.org/view.php?id=CVE-2025-38509
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject VHT opmode for unsupported channel widths VHT operating mode notifications are not defined for channel widths below 20 MHz. In particular, 5 MHz and 10 MHz are not valid under the VHT specification and must be rejected. Without this check, malformed notifications using these widths may reach ieee80211_chan_width_to_rx_bw(), leading to a WARN_ON due to invalid input. This issue was reported by syzbot. Reject these unsu... • https://git.kernel.org/stable/c/751e7489c1d74b94ffffbed619d8fd724eeff4ee •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38508 – x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation
https://notcve.org/view.php?id=CVE-2025-38508
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation When using Secure TSC, the GUEST_TSC_FREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly (typically ~0.2%) from the actual mean TSC frequency due to clocking parameters. Over extended VM uptime, this discrepancy accumulates, causing clock skew between the hypervisor and a SEV-SNP VM, leading to early timer interrupts as perceived by the guest. T... • https://git.kernel.org/stable/c/73bbf3b0fbba9aa27fef07a1fbd837661a863f03 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38507 – HID: nintendo: avoid bluetooth suspend/resume stalls
https://notcve.org/view.php?id=CVE-2025-38507
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook which had been added for usb joycons. First, set a new state value to JOYCON_CTLR_STATE_SUSPENDED in a newly-added nintendo_hid_suspend. This makes sure we will not stall out the kernel waiting for input reports duri... • https://git.kernel.org/stable/c/2af16c1f846bd60240745bbd3afa13d5f040c61a •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38506 – KVM: Allow CPU to reschedule while setting per-page memory attributes
https://notcve.org/view.php?id=CVE-2025-38506
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory (1TB+), the host can experience CPU soft lockups when running an operation in kvm_vm_set_mem_attributes() to set memory attributes on the whole range of guest memory. watchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372] CPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.1... • https://git.kernel.org/stable/c/5a475554db1e476a14216e742ea2bdb77362d5d5 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38505 – wifi: mwifiex: discard erroneous disassoc frames on STA interface
https://notcve.org/view.php?id=CVE-2025-38505
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect from the AP interface. This causes kernel warnings as the STA interface processes disconnect events that don't apply to it: [ 1303.240540] WARNING: CPU: 0 PID: 513 at net/wireless/mlme.c:141 cfg80211_process_disasso... • https://git.kernel.org/stable/c/36995892c271cce5e2230bc165a06f109b117222 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38503 – btrfs: fix assertion when building free space tree
https://notcve.org/view.php?id=CVE-2025-38503
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info (device loop0 state M): rebuilding free space tree assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102 ------------[ cut here ]------------ kernel BUG at fs/btrfs/free-space-tree.c:1102! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Modules li... • https://git.kernel.org/stable/c/7c77df23324f60bcff0ea44392e2c82e9486640c •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38502 – bpf: Fix oob access in cgroup local storage
https://notcve.org/view.php?id=CVE-2025-38502
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size, and one program doing a tail call into the other. The verifier will validate each of the indivial programs just fine. However, in the runtime context the bpf_cg_run_ctx holds an bpf_prog_array_item which contains t... • https://git.kernel.org/stable/c/7d9c3427894fe70d1347b4820476bf37736d2ff0 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-38501 – ksmbd: limit repeated connections from clients with the same IP
https://notcve.org/view.php?id=CVE-2025-38501
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated connections from clients with the same IP. In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the ... • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •