CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37905 – firmware: arm_scmi: Balance device refcount when destroying devices
https://notcve.org/view.php?id=CVE-2025-37905
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Balance device refcount when destroying devices Using device_find_child() to lookup the proper SCMI device to destroy causes an unbalance in device refcount, since device_find_child() calls an implicit get_device(): this, in turns, inhibits the call of the provided release methods upon devices destruction. ... /vmlinux device_add+0x954/0x12d0 device_add+0x954/0x12d0: kmalloc_noprof at include/linux/slab.h:9... • https://git.kernel.org/stable/c/d4f9dddd21f39395c62ea12d3d91239637d4805f •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-37904 – btrfs: fix the inode leak in btrfs_iget()
https://notcve.org/view.php?id=CVE-2025-37904
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix the inode leak in btrfs_iget() [BUG] There is a bug report that a syzbot reproducer can lead to the following busy inode at unmount time: BTRFS info (device loop1): last unmount of filesystem 1680000e-3c1e-4c46-84b6-56bd3909af50 VFS: Busy inodes after unmount of loop1 (btrfs) ------------[ cut here ]------------ kernel BUG at fs/super.c:650! In the Linux kernel, the following vulnerability has been resolved: btrfs: ... • https://git.kernel.org/stable/c/7c855e16ab72596d771355050ffe026e6b99f91c •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37903 – drm/amd/display: Fix slab-use-after-free in hdcp
https://notcve.org/view.php?id=CVE-2025-37903
20 May 2025 — kthread_is_per_cpu+0xd0/0xd0 [ 66.777609] ret_from_fork_asm+0x11/0x20 [ 66.777614] [ 66.777643] Allocated by task 10: [ 66.777646] kasan_save_stack+0x39/0x60 [ 66.777649] kasan_save_track+0x14/0x40 [ 66.777652] kasan_save_alloc_info+0x37/0x50 [ 66.777655] __kasan_kmalloc+0xbb/0xc0 [ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0 [ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu] [ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper] [ 66.777892] drm_dp_send_link_address+0x1... • https://git.kernel.org/stable/c/da3fd7ac0bcf372cc57117bdfcd725cca7ef975a •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37901 – irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs
https://notcve.org/view.php?id=CVE-2025-37901
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs On Qualcomm chipsets not all GPIOs are wakeup capable. In the Linux kernel, the following vulnerability has been resolved: irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs On Qualcomm chipsets not all GPIOs are wakeup capable. ... • https://git.kernel.org/stable/c/a6199bb514d8a63f61c2a22c1f912376e14d0fb2 •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37900 – iommu: Fix two issues in iommu_copy_struct_from_user()
https://notcve.org/view.php?id=CVE-2025-37900
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommu_copy_struct_from_user() In the review for iommu_copy_struct_to_user() helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it: https://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com And Alok pointed out a typo at the same time: https://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com Since both issues were copied from iommu_copy_s... • https://git.kernel.org/stable/c/e9d36c07bb787840e4813fb09a929a17d522a69f •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2025-37899 – ksmbd: fix use-after-free in session logoff
https://notcve.org/view.php?id=CVE-2025-37899
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has se... • https://github.com/vett3x/SMB-LINUX-CVE-2025-37899 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-37898 – powerpc64/ftrace: fix module loading without patchable function entries
https://notcve.org/view.php?id=CVE-2025-37898
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix module loading without patchable function entries get_stubs_size assumes that there must always be at least one patchable function entry, which is not always the case (modules that export data but no code), otherwise it returns -ENOEXEC and thus the section header sh_size is set to that value. In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix module loading without ... • https://git.kernel.org/stable/c/eec37961a56aa4f3fe1c33ffd48eec7d1bb0c009 •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37897 – wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release
https://notcve.org/view.php?id=CVE-2025-37897
20 May 2025 — This bug leads to the following warning: ================================================================ WARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0 Modules linked in: CPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: usb_hub_wq hub_event RIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106 Call Tra... • https://git.kernel.org/stable/c/68d57a07bfe5bb29b80cd8b8fa24c9d1ea104124 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-37896 – spi: spi-mem: Add fix to avoid divide error
https://notcve.org/view.php?id=CVE-2025-37896
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. ... kernfs_activate+0x87/0xd0 spi_mem_probe+0x7a/0xb0 spi_probe+0x7d/0x130 In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. ... kernfs_activate+0x87/0xd0 spi_mem_probe+0x7a/0xb0 spi_pro... • https://git.kernel.org/stable/c/226d6cb3cb799aae46d0dd19a521133997d9db11 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37895 – bnxt_en: Fix error handling path in bnxt_init_chip()
https://notcve.org/view.php?id=CVE-2025-37895
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix error handling path in bnxt_init_chip() WARN_ON() is triggered in __flush_work() if bnxt_init_chip() fails because we call cancel_work_sync() on dim work that has not been initialized. In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix error handling path in bnxt_init_chip() WARN_ON() is triggered in __flush_work() if bnxt_init_chip() fails because we call cancel_work_sync() on dim wo... • https://git.kernel.org/stable/c/f697217f980ffc796c72c34dbf7d59a6b1996888 •