CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2025-38160 – clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()
https://notcve.org/view.php?id=CVE-2025-38160
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, raspberrypi_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue. • https://git.kernel.org/stable/c/93d2725affd65686792f4b57e49ef660f3c8c0f9 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2025-38159 – wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
https://notcve.org/view.php?id=CVE-2025-38159
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], ¶[1])', which reads 5 bytes: void rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data) { ... SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data); SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1)); ... SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4)); Detected u... • https://git.kernel.org/stable/c/4136214f7c46839c15f0f177fe1d5052302c0205 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38158 – hisi_acc_vfio_pci: fix XQE dma address error
https://notcve.org/view.php?id=CVE-2025-38158
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that there was an error when the data read from the register was combined into an address. Therefore, the address combination sequence needs to be corrected. Even after fixing the above problem, we still have an issue wh... • https://git.kernel.org/stable/c/b0eed085903e7758532696d64397901a75bba8ba •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-38157 – wifi: ath9k_htc: Abort software beacon handling if disabled
https://notcve.org/view.php?id=CVE-2025-38157
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-zero error in the driver, leading to either a crash or an out of bounds read. Prevent this by aborting the handling in ath9k_htc_swba() if beacons are not enabled. • https://git.kernel.org/stable/c/832f6a18fc2aead14954c081ece03b7a5b425f81 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-38156 – wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init()
https://notcve.org/view.php?id=CVE-2025-38156
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7996_mmio_wed_init() does not check for this case, which results in a NULL pointer dereference. Prevent null pointer dereference in mt7996_mmio_wed_init() • https://git.kernel.org/stable/c/83eafc9251d6d30574b629ac637c56d168fcbdd9 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-38155 – wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()
https://notcve.org/view.php?id=CVE-2025-38155
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7915_mmio_wed_init() does not check for this case, which results in a NULL pointer dereference. Prevent null pointer dereference in mt7915_mmio_wed_init(). • https://git.kernel.org/stable/c/4f831d18d12da80cec0bebe5b8ca8702a528195a •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2025-38154 – bpf, sockmap: Avoid using sk_socket after free when sending
https://notcve.org/view.php?id=CVE-2025-38154
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sk_socket after free when sending The sk->sk_socket is not locked or referenced in backlog thread, and during the call to skb_send_sock(), there is a race condition with the release of sk_socket. All types of sockets(tcp/udp/unix/vsock) will be affected. Race conditions: ''' CPU0 CPU1 backlog::skb_send_sock sendmsg_unlocked sock_sendmsg sock_sendmsg_nosec close(fd): ... ops->release() -> sock_map_close() sk_socket-... • https://git.kernel.org/stable/c/4959ffc65a0e94f8acaac20deac49f89e6ded52d •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-38153 – net: usb: aqc111: fix error handling of usbnet read calls
https://notcve.org/view.php?id=CVE-2025-38153
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error (see report [1]) in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar to the one fixed in commit 920a9fa27e78 ("net: asix: add proper error handling of usb read errors"). For instance, usbnet_read_cmd() may read fewer than 'size' bytes, even if the caller expected the full amount... • https://git.kernel.org/stable/c/df2d59a2ab6c9ceac2c4104272fce03493b8f62f •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2025-38151 – RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
https://notcve.org/view.php?id=CVE-2025-38151
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work The cited commit fixed a crash when cma_netevent_callback was called for a cma_id while work on that id from a previous call had not yet started. The work item was re-initialized in the second call, which corrupted the work item currently in the work queue. However, it left a problem when queue_work fails (because the item is still pending in the work queue from a previous ca... • https://git.kernel.org/stable/c/51003b2c872c63d28bcf5fbcc52cf7b05615f7b7 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-38149 – net: phy: clear phydev->devlink when the link is deleted
https://notcve.org/view.php?id=CVE-2025-38149
03 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the link is deleted There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach() calls device_link_del() to remove the device link, but it does not clear phydev->devlink, so phydev->devlink is not a NULL pointer. Then the network port is re-enabled, but if phy_attach_direct() fails before calling device_link_add(), the code jumps to the "... • https://git.kernel.org/stable/c/bc66fa87d4fda9053a8145e5718fc278c2b88253 •