CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-37877 – iommu: Clear iommu-dma ops on cleanup
https://notcve.org/view.php?id=CVE-2025-37877
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains, however this currently still leaves devices hooked up to iommu-dma (and even historically the behaviour in this area was at best inconsistent across architectures/drivers...) Although in the case that an IOMMU is present whose driver has failed to probe, users cannot necessarily expe... • https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-37876 – netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS
https://notcve.org/view.php?id=CVE-2025-37876
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS When testing a special config: CONFIG_NETFS_SUPPORTS=y CONFIG_PROC_FS=n The system crashes with something like: [ 3.766197] ------------[ cut here ]------------ [ 3.766484] kernel BUG at mm/mempool.c:560! [ 3.766789] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 3.767123] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W [ 3.767777] Tainted: [W]=WARN [ 3.767968] Hardware name: QEMU Standar... • https://git.kernel.org/stable/c/2ef6eea2efce01d1956ace483216f6b6e26330c9 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2025-37875 – igc: fix PTM cycle trigger logic
https://notcve.org/view.php?id=CVE-2025-37875
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' and status after each PTM transaction. The issue can be reproduced with the following: $ sudo phc2sys -R 1000 -O 0 -i tsn0 -m Note: 1000 Hz (-R 1000) is unrealistically large, but provides a way to quickly reproduce the issue. PHC2SYS exits with: "ioctl PTP_OF... • https://git.kernel.org/stable/c/a90ec84837325df4b9a6798c2cc0df202b5680bd •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37874 – net: ngbe: fix memory leak in ngbe_probe() error path
https://notcve.org/view.php?id=CVE-2025-37874
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the subsequent error paths after ngbe_sw_init() don't free the rss_key. Fix that by freeing it in error path along with wx->mac_table. Also change the label to which execution jumps when ngbe_sw_init() fails, because otherwise, it could lead to a double free for rss... • https://git.kernel.org/stable/c/02338c484ab6250b81f0266ffb40d53c3efe0f47 •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-37871 – nfsd: decrease sc_count directly if fail to queue dl_recall
https://notcve.org/view.php?id=CVE-2025-37871
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sc_count directly if fail to queue dl_recall A deadlock warning occurred when invoking nfs4_put_stid following a failed dl_recall queue operation: T1 T2 nfs4_laundromat nfs4_get_client_reaplist nfs4_anylock_blockers __break_lease spin_lock // ctx->flc_lock spin_lock // clp->cl_lock nfs4_lockowner_has_blockers locks_owner_has_blockers spin_lock // flctx->flc_lock nfsd_break_deleg_cb nfsd_break_one_deleg nfs4_put_stid refcount_... • https://git.kernel.org/stable/c/b874cdef4e67e5150e07eff0eae1cbb21fb92da1 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-37870 – drm/amd/display: prevent hang on link training fail
https://notcve.org/view.php?id=CVE-2025-37870
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: prevent hang on link training fail [Why] When link training fails, the phy clock will be disabled. However, in enable_streams, it is assumed that link training succeeded and the mux selects the phy clock, causing a hang when a register write is made. [How] When enable_stream is hit, check if link training failed. If it did, fall back to the ref clock to avoid a hang and keep the system in a recoverable state. • https://git.kernel.org/stable/c/0363c03672cd3191f037905bf981eb523a3b71b1 •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2025-37867 – RDMA/core: Silence oversized kvmalloc() warning
https://notcve.org/view.php?id=CVE-2025-37867
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Silence oversized kvmalloc() warning syzkaller triggered an oversized kvmalloc() warning. Silence it by adding __GFP_NOWARN. syzkaller log: WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180 CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:__kvmalloc_node_noprof+0x1... • https://git.kernel.org/stable/c/37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-37865 – net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported
https://notcve.org/view.php?id=CVE-2025-37865
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT: https://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/ This comes from mv88e6xxx_port_vlan_leave() -> mv88e6xxx_mst_put(), which tries to find an MST entry in &chip->msts associated with the SID, but fails and returns -ENOENT as such. But we kn... • https://git.kernel.org/stable/c/acaf4d2e36b3466334af4d3ee6ac254c3316165c •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37864 – net: dsa: clean up FDB, MDB, VLAN entries on unbind
https://notcve.org/view.php?id=CVE-2025-37864
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d ("net: dsa: delete dsa_legacy_fdb_add and dsa_legacy_fdb_del"), DSA is written given the assumption that higher layers have balanced additions/deletions. As such, it only makes sense to be extremely vocal when those assumptions are violated and the driver unbinds with entries still present. But Ido Schimmel points out a very simple si... • https://git.kernel.org/stable/c/0832cd9f1f023226527e95002d537123061ddac4 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37863 – ovl: don't allow datadir only
https://notcve.org/view.php?id=CVE-2025-37863
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, only introduced by the "datadir+" feature, but without actually handling this case, resulting in an Oops. Fix by disallowing datadir without lowerdir. • https://git.kernel.org/stable/c/cc0918b3582c98f12cfb30bf7496496d14bff3e9 •