CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-22056 – netfilter: nft_tunnel: fix geneve_opt type confusion addition
https://notcve.org/view.php?id=CVE-2025-22056
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place e... • https://git.kernel.org/stable/c/925d844696d9287f841d6b3e0ed62a35fb175970 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-22055 – net: fix geneve_opt length integer overflow
https://notcve.org/view.php?id=CVE-2025-22055
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. ... In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. • https://git.kernel.org/stable/c/0ed5269f9e41f495c8e9020c85f5e1644c1afc57 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2025-22054 – arcnet: Add NULL check in com20020pci_probe()
https://notcve.org/view.php?id=CVE-2025-22054
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: arcnet: Add NULL check in com20020pci_probe() devm_kasprintf() returns NULL when memory allocation fails. ... In the Linux kernel, the following vulnerability has been resolved: arcnet: Add NULL check in com20020pci_probe() devm_kasprintf() returns NULL when memory allocation fails. • https://git.kernel.org/stable/c/e38cd53421ed4e37fc99662a0f2a0c567993844f •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-22053 – net: ibmveth: make veth_pool_store stop hanging
https://notcve.org/view.php?id=CVE-2025-22053
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make veth_pool_store stop hanging v2: - Created a single error handling unlock and exit in veth_pool_store - Greatly expanded commit message with previous explanatory-only text Summary: Use rtnl_mutex to synchronize veth_pool_store with itself, ibmveth_close and ibmveth_open, preventing multiple calls in a row to napi_disable. ... • https://git.kernel.org/stable/c/860f242eb5340d0b0cfe243cb86b2a98f92e8b91 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22052 – staging: gpib: Fix Oops after disconnect in ni_usb
https://notcve.org/view.php?id=CVE-2025-22052
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in ni_usb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the bus_interface is set to NULL on disconnect. In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in ni_usb If the usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the bus_interfac... • https://git.kernel.org/stable/c/4934b98bb24327c32ed55c96012f019932383da5 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22051 – staging: gpib: Fix Oops after disconnect in agilent usb
https://notcve.org/view.php?id=CVE-2025-22051
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in agilent usb If the agilent usb dongle is disconnected subsequent calls to the driver cause a NULL dereference Oops as the bus_interface is set to NULL on disconnect. In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in agilent usb If the agilent usb dongle is disconnected subsequent calls to the driver cause a NULL dereferenc... • https://git.kernel.org/stable/c/fbae7090f30c1bd5a351d0c8f82b6a635718b8d8 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-22050 – usbnet:fix NPE during rx_complete
https://notcve.org/view.php?id=CVE-2025-22050
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. The usb_submit_urb function lacks a usbnet_going_away validation, whereas __usbnet_queue_skb includes this check. ... In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rx_complete Missing usbnet_going_away Check in Critical Path. • https://git.kernel.org/stable/c/b80aacfea6e8d6ed6e430aa13922d6ccf044415a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-22049 – LoongArch: Increase ARCH_DMA_MINALIGN up to 16
https://notcve.org/view.php?id=CVE-2025-22049
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices (such as APBDMA) require 16 bytes alignment. ... In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices (such as APBDMA) require 16 bytes alignment. • https://git.kernel.org/stable/c/f39af67f03b564b763b06e44cb960c10a382d54a •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-22048 – LoongArch: BPF: Don't override subprog's return value
https://notcve.org/view.php?id=CVE-2025-22048
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test `calls: div by 0 in subprog` triggers a panic at the ld.bu instruction. ... In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test `calls: div by 0 in subprog` triggers a panic at the ld.bu instruction. • https://git.kernel.org/stable/c/0c8d50501bc13cacecc19caaddc10db372592a39 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-22047 – x86/microcode/AMD: Fix __apply_microcode_amd()'s return value
https://notcve.org/view.php?id=CVE-2025-22047
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by returning false (and not -1 which is promoted to true). In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagate the failure by ... • https://git.kernel.org/stable/c/bef830144febedb7de86863ae99d8f53bed76e95 •