CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22106 – vmxnet3: unregister xdp rxq info in the reset path
https://notcve.org/view.php?id=CVE-2025-22106
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3_reset_work() code path as vmxnet3_rq_destroy() is not invoked in this code path. In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3_reset_work() code path as vmxnet3_rq_destroy() is not invoked in th... • https://git.kernel.org/stable/c/54f00cce11786742bd11e5e68c3bf85e6dc048c9 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22105 – bonding: check xdp prog when set bond mode
https://notcve.org/view.php?id=CVE-2025-22105
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning[1]: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp ip netns exec ns1 ip link set bond0 type bond mode broadcast ip netns del ns1 When delete the namespace, dev_xdp_uninstall() is called to remove xdp program on bond dev, and bond_xdp_set() will chec... • https://git.kernel.org/stable/c/9e2ee5c7e7c35d195e2aa0692a7241d47a433d1e •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22104 – ibmvnic: Use kernel helpers for hex dumps
https://notcve.org/view.php?id=CVE-2025-22104
16 Apr 2025 — This patch address KASAN reports like the one below: ibmvnic 30000003 env3: Login Buffer: ibmvnic 30000003 env3: 01000000af000000 <...> ibmvnic 30000003 env3: 2e6d62692e736261 ibmvnic 30000003 env3: 65050003006d6f63 ================================================================== BUG: KASAN: slab-out-of-bounds in ibmvnic_login+0xacc/0xffc [ibmvnic] Read of size 8 at addr c0000001331a9aa8 by task ip/17681 <...> Allocated by task 17681: <...> ibmvnic_login+0x2f0/0xffc [ibmvnic] ibmvnic_open+0x148/0x308 [ibm... • https://git.kernel.org/stable/c/032c5e82847a2214c3196a90f0aeba0ce252de58 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22103 – net: fix NULL pointer dereference in l3mdev_l3_rcv
https://notcve.org/view.php?id=CVE-2025-22103
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdev_l3_rcv When delete l3s ipvlan: ip link del link eth0 ipvlan1 type ipvlan mode l3s This may cause a null pointer dereference: Call trace: ip_rcv_finish+0x48/0xd0 ip_rcv+0x5c/0x100 __netif_receive_skb_one_core+0x64/0xb0 __netif_receive_skb+0x20/0x80 process_backlog+0xb4/0x204 napi_poll+0xe8/0x294 net_rx_action+0xd8/0x22c __do_softirq+0x12c/0x354 This is because l3mdev_l3_rcv() visit dev->l3md... • https://git.kernel.org/stable/c/c675e06a98a474f7ad0af32ce467613da818da52 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22102 – Bluetooth: btnxpuart: Fix kernel panic during FW release
https://notcve.org/view.php?id=CVE-2025-22102
16 Apr 2025 — [ 2601.949184] Unable to handle kernel paging request at virtual address 0000312e6f006573 [ 2601.992076] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000111802000 [ 2601.992080] [0000312e6f006573] pgd=0000000000000000, p4d=0000000000000000 [ 2601.992087] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP [ 2601.992091] Modules linked in: algif_hash algif_skcipher af_alg btnxpuart(O) pciexxx(O) mlan(O) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes cr... • https://git.kernel.org/stable/c/689ca16e523278470c38832a3010645a78c544d8 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22101 – net: libwx: fix Tx L4 checksum
https://notcve.org/view.php?id=CVE-2025-22101
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol. In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol. There was a bug to set Tx checksum flag for the other protocol that results in Tx ring hang. ... • https://git.kernel.org/stable/c/3403960cdf86c967442dccc2bec981e0093f716e •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22100 – drm/panthor: Fix race condition when gathering fdinfo group samples
https://notcve.org/view.php?id=CVE-2025-22100
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 ("drm/panthor: add DRM fdinfo support") failed to protect access to groups with an xarray lock, which could lead to use-after-free errors. In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 ("drm/panthor: add DRM fdinfo support") failed ... • https://git.kernel.org/stable/c/e16635d88fa07ba5801aa9e57ad7fe3c053234e4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22099 – drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init
https://notcve.org/view.php?id=CVE-2025-22099
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init devm_kasprintf() calls can return null pointers on failure. In the Linux kernel, the following vulnerability has been resolved: drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init devm_kasprintf() calls can return null pointers on failure. But some return values were not checked in zynqmp_audio_init(). ... • https://git.kernel.org/stable/c/3ec5c15793051c9fe102ed0674c7925a56205385 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22098 – drm: zynqmp_dp: Fix a deadlock in zynqmp_dp_ignore_hpd_set()
https://notcve.org/view.php?id=CVE-2025-22098
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix a deadlock in zynqmp_dp_ignore_hpd_set() Instead of attempting the same mutex twice, lock and unlock it. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/28edaacb821c69241f6c0be6bbd29f7145f1b44f •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-22097 – drm/vkms: Fix use after free and double free on init error
https://notcve.org/view.php?id=CVE-2025-22097
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it. In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized o... • https://git.kernel.org/stable/c/2df7af93fdadb9ba8226fe443fae15ecdefda2a6 • CWE-416: Use After Free •