CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2025-38659 – gfs2: No more self recovery
https://notcve.org/view.php?id=CVE-2025-38659
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: gfs2: No more self recovery When a node withdraws and it turns out that it is the only node that has the filesystem mounted, gfs2 currently tries to replay the local journal to bring the filesystem back into a consistent state. Not only is that a very bad idea, it has also never worked because gfs2_recover_func() will refuse to do anything during a withdraw. However, before even getting to this point, gfs2_recover_func() dereferences sdp->s... • https://git.kernel.org/stable/c/601ef0d52e9617588fcff3df26953592f2eb44ac •
CVSS: 7.8EPSS: %CPEs: 3EXPL: 0CVE-2025-38656 – wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
https://notcve.org/view.php?id=CVE-2025-38656
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_work() fails. The current code returns ERR_PTR(0) (which is NULL) on this path. I believe the missing error code potentially leads to a use after free involving debugfs. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_... • https://git.kernel.org/stable/c/6663c52608d8d8727bf1911e6d9218069ba1c85e •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38653 – proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
https://notcve.org/view.php?id=CVE-2025-38653
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may cause UAF in rmmod scenario. It's a gap in proc_reg_open() after commit 654b33ada4ab("proc: fix UAF in proc_get_inode()"). Followed by AI Viro's suggestion, fix it in same manner. In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_rea... • https://git.kernel.org/stable/c/3f61631d47f115b83c935d0039f95cb68b0c8ab7 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38652 – f2fs: fix to avoid out-of-boundary access in devs.path
https://notcve.org/view.php?id=CVE-2025-38652
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $((1024*1024*1024)) \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touch /mnt/f2fs/file - truncate -s $((1024*1024*1024)) /mnt/f2fs/file - mkfs.f2fs /mnt/f2fs/012345678901234567890123456789012345678901234567890123 \ -c /mnt/f2fs/file - mount /mnt/f2fs/0123456789012345678901234567... • https://git.kernel.org/stable/c/3c62be17d4f562f43fe1d03b48194399caa35aa5 •
CVSS: 5.6EPSS: %CPEs: 6EXPL: 0CVE-2025-38650 – hfsplus: remove mutex_lock check in hfsplus_free_extents
https://notcve.org/view.php?id=CVE-2025-38650
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutex_lock check in hfsplus_free_extents Syzbot reported an issue in hfsplus filesystem: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplus_free_extents+0x700/0xad0 Call Trace:
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2025-38648 – spi: stm32: Check for cfg availability in stm32_spi_probe
https://notcve.org/view.php?id=CVE-2025-38648
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: stm32: Check for cfg availability in stm32_spi_probe The stm32_spi_probe function now includes a check to ensure that the pointer returned by of_device_get_match_data is not NULL before accessing its members. This resolves a warning where a potential NULL pointer dereference could occur when accessing cfg->has_device_mode. Before accessing the 'has_device_mode' member, we verify that 'cfg' is not NULL. If 'cfg' is NULL, an error messag... • https://git.kernel.org/stable/c/fee681646fc831b154619ac0261afedcc7e671e7 •
CVSS: 7.8EPSS: %CPEs: 5EXPL: 0CVE-2025-38646 – wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band
https://notcve.org/view.php?id=CVE-2025-38646
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band With a quite rare chance, RX report might be problematic to make SW think a packet is received on 6 GHz band even if the chip does not support 6 GHz band actually. Since SW won't initialize stuffs for unsupported bands, NULL dereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -> rtw89_core_cancel_6ghz_probe_tx(). So, add a check to a... • https://git.kernel.org/stable/c/c6aa9a9c47252ac7b07ed6d10459027e2f2a2de0 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38645 – net/mlx5: Check device memory pointer before usage
https://notcve.org/view.php?id=CVE-2025-38645
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once() fails. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once() fails. • https://git.kernel.org/stable/c/c9b9dcb430b3cd0ad2b04c360c4e528d73430481 •
CVSS: 5.6EPSS: %CPEs: 6EXPL: 0CVE-2025-38644 – wifi: mac80211: reject TDLS operations when station is not associated
https://notcve.org/view.php?id=CVE-2025-38644
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before association completed and without prior TDLS setup. This left internal state like sdata->u.mgd.tdls_peer uninitialized, leading to a WARN_ON() in code paths that assumed it was valid. Reject the operation early if not in station mode or not as... • https://git.kernel.org/stable/c/81dd2b8822410e56048b927be779d95a2b6dc186 •
CVSS: 5.9EPSS: %CPEs: 6EXPL: 0CVE-2025-38643 – wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
https://notcve.org/view.php?id=CVE-2025-38643
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() Callers of wdev_chandef() must hold the wiphy mutex. But the worker cfg80211_propagate_cac_done_wk() never takes the lock. Which triggers the warning below with the mesh_peer_connected_dfs test from hostapd and not (yet) released mac80211 code changes: WARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165 Modules linked in: CPU: 0 UID: 0 PID: 495 Comm: k... • https://git.kernel.org/stable/c/26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d •