
CVE-2025-37790 – net: mctp: Set SOCK_RCU_FREE
https://notcve.org/view.php?id=CVE-2025-37790
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup. In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCK_RCU_FREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup. Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/833ef3b91de692ef33b800bca6b1569c39dece74 •

CVE-2025-37789 – net: openvswitch: fix nested key length validation in the set() action
https://notcve.org/view.php?id=CVE-2025-37789
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. ... In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. • https://git.kernel.org/stable/c/ccb1352e76cff0524e7ccb2074826a092dd13016 •

CVE-2025-37788 – cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path
https://notcve.org/view.php?id=CVE-2025-37788
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path In the for loop used to allocate the loc_array and bmap for each port, a memory leak is possible when the allocation for loc_array succeeds, but the allocation for bmap fails. In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path In the for loop used to allocate the loc_array and bma... • https://git.kernel.org/stable/c/d915c299f1da68a7dbb43895b8741c7b916c9d08 •

CVE-2025-37787 – net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
https://notcve.org/view.php?id=CVE-2025-37787
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver: https://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/ The crash seems to be in devlink_region_destroy(), which is not NULL tolerant but is given a NULL devlink global region pointer. In the Linux kernel, the following vuln... • https://git.kernel.org/stable/c/836021a2d0e0e4c90b895a35bd9c0342071855fb •

CVE-2025-37786 – net: dsa: free routing table on probe failure
https://notcve.org/view.php?id=CVE-2025-37786
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe failure If complete = true in dsa_tree_setup(), it means that we are the last switch of the tree which is successfully probing, and we should be setting up all switches from our probe path. In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe failure If complete = true in dsa_tree_setup(), it means that we are the last switch of the tree... • https://git.kernel.org/stable/c/c5f51765a1f60b701840544faf3ca63204b8dc3c •

CVE-2025-37784 – net: ti: icss-iep: Fix possible NULL pointer dereference for perout request
https://notcve.org/view.php?id=CVE-2025-37784
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. • https://git.kernel.org/stable/c/d6b130fabfe197935346fe9f1e50a0947b2b1be7 •

CVE-2025-37783 – drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check
https://notcve.org/view.php?id=CVE-2025-37783
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check The function dpu_plane_virtual_atomic_check was dereferencing pointers returned by drm_atomic_get_plane_state without checking for errors. ... Patchwork: https://patchwork.freedesktop.org/patch/643132/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check The function dpu_plane_virtu... • https://git.kernel.org/stable/c/774bcfb731765d092992136b54c34958d7c64bea •

CVE-2025-37781 – i2c: cros-ec-tunnel: defer probe if parent EC is not present
https://notcve.org/view.php?id=CVE-2025-37781
01 May 2025 — irqentry_exit_to_user_mode+0x79/0x90 [ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d [ 272.279887] RIP: 0033:0x7b9309168d39 [ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8 [ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000 ---truncated--- In the Linux kernel, the following vulnerability has been resolved: i2c: ... • https://git.kernel.org/stable/c/9d230c9e4f4e67cb1c1cb9e0f6142da16b0f2796 •

CVE-2025-37780 – isofs: Prevent the use of too small fid
https://notcve.org/view.php?id=CVE-2025-37780
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1] The handle_bytes value passed in by the reproducing program is equal to 12. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •

CVE-2025-37779 – lib/iov_iter: fix to increase non slab folio refcount
https://notcve.org/view.php?id=CVE-2025-37779
01 May 2025 — :"GoogleExtServicesCn.apk" flags: 0x100000000000041(locked|head|node=0|zone=1) raw: 0100000000000041 dead000000000100 dead000000000122 ffff888014b13bd0 raw: 0000000000000060 0000000000000020 00000000ffffffff 0000000000000000 head: 0100000000000041 dead000000000100 dead000000000122 ffff888014b13bd0 head: 0000000000000060 0000000000000020 00000000ffffffff 0000000000000000 head: 0100000000000000 0000000000000000 ffffffffffffffff 0000000000000000 head: 0000000000000010 0000000000000000 00000000ffffffff 00000000... • https://git.kernel.org/stable/c/b9c0e49abfca06f1a109acea834bcfc934f33f76 •