CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37893 – LoongArch: BPF: Fix off-by-one error in build_prologue()
https://notcve.org/view.php?id=CVE-2025-37893
18 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by-one error in build_prologue() Vincent reported that running BPF progs with tailcalls on LoongArch causes kernel hard lockup. In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by-one error in build_prologue() Vincent reported that running BPF progs with tailcalls on LoongArch causes kernel hard lockup. ... En el kernel de Linux, se ha resuelto la siguie... • https://git.kernel.org/stable/c/5dc615520c4dfb358245680f1904bad61116648e •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-37860 – sfc: fix NULL dereferences in ef100_process_design_param()
https://notcve.org/view.php?id=CVE-2025-37860
18 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: sfc: fix NULL dereferences in ef100_process_design_param() Since cited commit, ef100_probe_main() and hence also ef100_check_design_params() run before efx->net_dev is created; consequently, we cannot netif_set_tso_max_size() or _segs() at this point. In the Linux kernel, the following vulnerability has been resolved: sfc: fix NULL dereferences in ef100_process_design_param() Since cited commit, ef100_probe_main() and hence al... • https://git.kernel.org/stable/c/98ff4c7c8ac7f5339aac6114105395fea19f992e •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37785 – ext4: fix OOB read when checking dotdot dir
https://notcve.org/view.php?id=CVE-2025-37785
18 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted directory is removed). In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len... • https://git.kernel.org/stable/c/ac27a0ec112a089f1a5102bc8dffc79c8c815571 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47671 – can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path
https://notcve.org/view.php?id=CVE-2021-47671
17 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). • https://git.kernel.org/stable/c/8537257874e949a59c834cecfd5a063e11b64b0b • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47670 – can: peak_usb: fix use after free bugs
https://notcve.org/view.php?id=CVE-2021-47670
17 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni(). ... • https://git.kernel.org/stable/c/0a25e1f4f18566b750ebd3ae995af64e23111e63 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47669 – can: vxcan: vxcan_xmit: fix use after free bug
https://notcve.org/view.php?id=CVE-2021-47669
17 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni(). • https://git.kernel.org/stable/c/a8f820a380a2a06fc4fe1a54159067958f800929 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47668 – can: dev: can_restart: fix use after free bug
https://notcve.org/view.php?id=CVE-2021-47668
17 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. • https://git.kernel.org/stable/c/39549eef3587f1c1e8c65c88a2400d10fd30ea17 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-36789 – can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
https://notcve.org/view.php?id=CVE-2020-36789
17 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/core/skbuff.c#skb_release_head_state() might be triggered, under network congestion circumstances, together with the potential risk of a NULL pointer dereference. ... • https://git.kernel.org/stable/c/39549eef3587f1c1e8c65c88a2400d10fd30ea17 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-23138 – watch_queue: fix pipe accounting mismatch
https://notcve.org/view.php?id=CVE-2025-23138
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe itself, due to the if (!... In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pip... • https://git.kernel.org/stable/c/162ae0e78bdabf84ef10c1293c4ed7865cb7d3c8 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23137 – cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
https://notcve.org/view.php?id=CVE-2025-23137
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update Check if policy is NULL before dereferencing it in amd_pstate_update. • https://git.kernel.org/stable/c/e8f555daacd3377bf691fdda2490c0b164e00085 •