CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-38072 – libnvdimm/labels: Fix divide error in nd_label_data_init()
https://notcve.org/view.php?id=CVE-2025-38072
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init() If a faulty CXL memory device returns a broken zero LSA size in its memory device information (Identify Memory Device (Opcode 4000h), CXL spec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm driver: Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm] Code and flow: 1) CXL Command 4000h returns LSA size = 0 2) config_size is... • https://git.kernel.org/stable/c/2bd4a938d2eda96ab7288b8fa5aae84a1de8c4ca •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38071 – x86/mm: Check return value from memblock_phys_alloc_range()
https://notcve.org/view.php?id=CVE-2025-38071
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblock_phys_alloc_range() returns 0 on failure, which leads memblock_phys_free() to throw the first 4 MiB of physical memory to the wolves. At a minimum it should fail gracefully with a meaningful diagnostic, but in fact every... • https://git.kernel.org/stable/c/8c18c904d301ffeb33b071eadc55cd6131e1e9be •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38070 – ASoC: sma1307: Add NULL check in sma1307_setting_loaded()
https://notcve.org/view.php?id=CVE-2025-38070
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307: Add NULL check in sma1307_setting_loaded() All varibale allocated by kzalloc and devm_kzalloc could be NULL. Multiple pointer checks and their cleanup are added. This issue is found by our static analysis tool • https://git.kernel.org/stable/c/f8434b8ba437d3f6cbcd9ffe8405bd16ed28fc5c •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-38069 – PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops
https://notcve.org/view.php?id=CVE-2025-38069
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops Fix a kernel oops found while testing the stm32_pcie Endpoint driver with handling of PERST# deassertion: During EP initialization, pci_epf_test_alloc_space() allocates all BARs, which are further freed if epc_set_bar() fails (for instance, due to no free inbound window). However, when pci_epc_set_bar() fails, the error path: pci_epc_set_bar() -> pci_epf_free_space() do... • https://git.kernel.org/stable/c/fe2329eff5bee461ebcafadb6ca1df0cbf5945fd •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2025-38068 – crypto: lzo - Fix compression buffer overrun
https://notcve.org/view.php?id=CVE-2025-38068
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the buffer length provided by the caller. Add a safe compression interface that checks for the end of buffer before each write. Use the safe interface in crypto/lzo. • https://git.kernel.org/stable/c/4b173bb2c4665c23f8fcf5241c7b06dfa6b5b111 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38067 – rseq: Fix segfault on registration when rseq_cs is non-zero
https://notcve.org/view.php?id=CVE-2025-38067
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault on return to user-space if the value stored in the rseq_cs field doesn't point to a valid struct rseq_cs. The correct solution to this would be to fail the rseq registration when the rseq_cs field is non-zero. How... • https://git.kernel.org/stable/c/2df285dab00fa03a3ef939b6cb0d0d0aeb0791db •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-38066 – dm cache: prevent BUG_ON by blocking retries on failed device resumes
https://notcve.org/view.php?id=CVE-2025-38066
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUG_ON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume operation risks triggering BUG_ON when reloading cache mappings into the incomplete policy object. Reproduce steps: 1. create a cache metadata consisting of 512 or more cache blocks, with some mappings stored in th... • https://git.kernel.org/stable/c/c614584c2a66b538f469089ac089457a34590c14 •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-38065 – orangefs: Do not truncate file size
https://notcve.org/view.php?id=CVE-2025-38065
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: orangefs: Do not truncate file size 'len' is used to store the result of i_size_read(), so making 'len' a size_t results in truncation to 4GiB on 32-bit systems. • https://git.kernel.org/stable/c/ceaf195ed285b77791e29016ee6344b3ded609b3 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38064 – virtio: break and reset virtio devices on device_shutdown()
https://notcve.org/view.php?id=CVE-2025-38064
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on device_shutdown() Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region '(null)', reason: rejected Invalid write at addr 0x102877A44, size 2, region '(null)', reason: rejected ... It was traced down to virtio-console. Kexec works fine if virtio-console is not in use. • https://git.kernel.org/stable/c/aee42f3d57bfa37b2716df4584edeecf63b9df4c •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38063 – dm: fix unconditional IO throttle caused by REQ_PREFLUSH
https://notcve.org/view.php?id=CVE-2025-38063
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQ_PREFLUSH When a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush() generates a flush_bio with REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC, which causes the flush_bio to be throttled by wbt_wait(). An example from v5.4, similar problem also exists in upstream: crash> bt 2091206 PID: 2091206 TASK: ffff2050df92a300 CPU: 109 COMMAND: "kworker/u260:0" #0 [ffff800084a2f7f0] __switch_to at fff... • https://git.kernel.org/stable/c/95d08924335f3b6f4ea0b92ebfe4fe0731c502d9 •