
CVE-2025-21806 – net: let net.core.dev_weight always be non-zero
https://notcve.org/view.php?id=CVE-2025-21806
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------[ cut here ]------------ list_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \ next=ffff88905f746e40. WARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \ __list_add_valid_or_report+0xf3/0x130 CPU: 18 UID:... • https://git.kernel.org/stable/c/e3876605450979fe52a1a03e7eb78a89bf59e76a •

CVE-2025-21805 – RDMA/rtrs: Add missing deinit() call
https://notcve.org/view.php?id=CVE-2025-21805
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit() call A warning is triggered when repeatedly connecting and disconnecting the rnbd: list_add corruption. prev->next should be next (ffff88800b13e480), but was ffff88801ecd1338. (prev=ffff88801ecd1340). WARNING: CPU: 1 PID: 36562 at lib/list_debug.c:32 __list_add_valid_or_report+0x7f/0xa0 Workqueue: ib_cm cm_work_handler [ib_cm] RIP: 0010:__list_add_valid_or_report+0x7f/0xa0 ? __list_add_valid_or_report+0x7f/0x... • https://git.kernel.org/stable/c/667db86bcbe82e789d82c2e8c8c40756ec2e1999 •

CVE-2025-21804 – PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()
https://notcve.org/view.php?id=CVE-2025-21804
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resource. A string variable that lives on the stack is then used to store a dynamically computed resource name, which is then passed on as one of the macro arguments. This can lead to undefined behavior. Depending on the current contents of the memory, the manifes... • https://git.kernel.org/stable/c/2a6d0d63d99956a66f6605832f11755d74a41951 •

CVE-2025-21803 – LoongArch: Fix warnings during S3 suspend
https://notcve.org/view.php?id=CVE-2025-21803
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix warnings during S3 suspend The enable_gpe_wakeup() function calls acpi_enable_all_wakeup_gpes(), and the later one may call the preempt_schedule_common() function, resulting in a thread switch and causing the CPU to be in an interrupt enabled state after the enable_gpe_wakeup() function returns, leading to the warnings as follow. [ C0] WARNING: ... at kernel/time/timekeeping.c:845 ktime_get+0xbc/0xc8 [ C0] ... [ C0] Call Trac... • https://git.kernel.org/stable/c/366bb35a8e48198cefcd3484ac6b2374d1347873 •

CVE-2025-21802 – net: hns3: fix oops when unload drivers paralleling
https://notcve.org/view.php?id=CVE-2025-21802
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. T... • https://git.kernel.org/stable/c/d36b15e3e7b5937cb1f6ac590a85facc3a320642 •

CVE-2025-21801 – net: ravb: Fix missing rtnl lock in suspend/resume path
https://notcve.org/view.php?id=CVE-2025-21801
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravb_open, ravb_close and wol operations must be performed under the rtnl lock to prevent conflicts with ongoing ndo operations. Without this fix, the following warning is triggered: [ 39.032969] ============================= [ 39.032983] WARNING: suspicious RCU usage [ 39.033019] -------------------... • https://git.kernel.org/stable/c/0184165b2f42c4b032da9dd11546bfbaeb5afd4e •

CVE-2025-21800 – net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset
https://notcve.org/view.php?id=CVE-2025-21800
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for HWS_SET32 macro is negative, UBSAN complains about the shift-out-of-bounds: UBSAN: shift-out-of-bounds in drivers/net/ethernet/mellanox/mlx5/core/steering/hws/definer.c:177:2 shift exponent -8 is negative In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for H... • https://git.kernel.org/stable/c/74a778b4a63faef9ff02aad0d332b209835f93e1 •

CVE-2025-21799 – net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()
https://notcve.org/view.php?id=CVE-2025-21799
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() When getting the IRQ we use k3_udma_glue_tx_get_irq() which returns negative error value on error. So not NULL check is not sufficient to deteremine if IRQ is valid. Check that IRQ is greater then zero to ensure it is valid. There is no issue at probe time but at runtime user can invoke .set_channels which results in the following call chain. am65_cpsw_set_chan... • https://git.kernel.org/stable/c/93a76530316a3d8cc2d82c3deca48424fee92100 •

CVE-2025-21798 – firewire: test: Fix potential null dereference in firewire kunit test
https://notcve.org/view.php?id=CVE-2025-21798
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: firewire: test: Fix potential null dereference in firewire kunit test kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for test_state. In the Linux kernel, the following vulnerability has been resolved: firewire: test: Fix potential null dereference in firewire kunit test kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NUL... • https://git.kernel.org/stable/c/1c8506d62624fbc57db75414a387f365da8422e9 •

CVE-2024-58042 – rhashtable: Fix potential deadlock by moving schedule_work outside lock
https://notcve.org/view.php?id=CVE-2024-58042
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedule_work outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking dependency. The original implementation could trigger a lockdep warning due to a potential deadlock scenario involving nested locks between rhashtable bucket, rq lock, and dsq lock. By relocating the growth check and work scheduling after releasing the rth lo... • https://git.kernel.org/stable/c/f0e1a0643a59bf1f922fa209cec86a170b784f3f •