CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2025-38659 – gfs2: No more self recovery
https://notcve.org/view.php?id=CVE-2025-38659
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: gfs2: No more self recovery When a node withdraws and it turns out that it is the only node that has the filesystem mounted, gfs2 currently tries to replay the local journal to bring the filesystem back into a consistent state. Not only is that a very bad idea, it has also never worked because gfs2_recover_func() will refuse to do anything during a withdraw. However, before even getting to this point, gfs2_recover_func() dereferences sdp->s... • https://git.kernel.org/stable/c/601ef0d52e9617588fcff3df26953592f2eb44ac •
CVSS: 10.0EPSS: %CPEs: 2EXPL: 0CVE-2025-38658 – nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails
https://notcve.org/view.php?id=CVE-2025-38658
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails Have nvmet_req_init() and req->execute() complete failed commands. Description of the problem: nvmet_req_init() calls __nvmet_req_complete() internally upon failure, e.g., unsupported opcode, which calls the "queue_response" callback, this results in nvmet_pci_epf_queue_response() being called, which will call nvmet_pci_epf_complete_iod() if data_len is 0 or if dma_dir... • https://git.kernel.org/stable/c/0faa0fe6f90ea59b10d1b0f15ce0eb0c18eff186 •
CVSS: 7.8EPSS: %CPEs: 3EXPL: 0CVE-2025-38656 – wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
https://notcve.org/view.php?id=CVE-2025-38656
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_work() fails. The current code returns ERR_PTR(0) (which is NULL) on this path. I believe the missing error code potentially leads to a use after free involving debugfs. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_... • https://git.kernel.org/stable/c/6663c52608d8d8727bf1911e6d9218069ba1c85e •
CVSS: 7.8EPSS: %CPEs: 3EXPL: 0CVE-2025-38655 – pinctrl: canaan: k230: add NULL check in DT parse
https://notcve.org/view.php?id=CVE-2025-38655
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: add NULL check in DT parse Add a NULL check for the return value of of_get_property() when retrieving the "pinmux" property in the group parser. This avoids a potential NULL pointer dereference if the property is missing from the device tree node. Also fix a typo ("sintenel") in the device ID match table comment, correcting it to "sentinel". In the Linux kernel, the following vulnerability has been resolved: pinctrl: ... • https://git.kernel.org/stable/c/545887eab6f6776a7477fe7e83860eab57138b03 •
CVSS: 5.6EPSS: %CPEs: 3EXPL: 0CVE-2025-38654 – pinctrl: canaan: k230: Fix order of DT parse and pinctrl register
https://notcve.org/view.php?id=CVE-2025-38654
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. This ensures that device tree parsing is done before calling devm_pinctrl_register() to prevent using uninitialized pin resources. In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. This ensures that device tree parsi... • https://git.kernel.org/stable/c/545887eab6f6776a7477fe7e83860eab57138b03 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38653 – proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
https://notcve.org/view.php?id=CVE-2025-38653
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may cause UAF in rmmod scenario. It's a gap in proc_reg_open() after commit 654b33ada4ab("proc: fix UAF in proc_get_inode()"). Followed by AI Viro's suggestion, fix it in same manner. In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_rea... • https://git.kernel.org/stable/c/3f61631d47f115b83c935d0039f95cb68b0c8ab7 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38652 – f2fs: fix to avoid out-of-boundary access in devs.path
https://notcve.org/view.php?id=CVE-2025-38652
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $((1024*1024*1024)) \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touch /mnt/f2fs/file - truncate -s $((1024*1024*1024)) /mnt/f2fs/file - mkfs.f2fs /mnt/f2fs/012345678901234567890123456789012345678901234567890123 \ -c /mnt/f2fs/file - mount /mnt/f2fs/0123456789012345678901234567... • https://git.kernel.org/stable/c/3c62be17d4f562f43fe1d03b48194399caa35aa5 •
CVSS: 5.6EPSS: %CPEs: 6EXPL: 0CVE-2025-38650 – hfsplus: remove mutex_lock check in hfsplus_free_extents
https://notcve.org/view.php?id=CVE-2025-38650
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutex_lock check in hfsplus_free_extents Syzbot reported an issue in hfsplus filesystem: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplus_free_extents+0x700/0xad0 Call Trace:
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2025-38649 – arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight
https://notcve.org/view.php?id=CVE-2025-38649
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight An infinite loop has been created by the Coresight devices. When only a source device is enabled, the coresight_find_activated_sysfs_sink function is recursively invoked in an attempt to locate an active sink device, ultimately leading to a stack overflow and system crash. Therefore, disable the replicator1 to break the infinite loop and prevent a potential st... • https://git.kernel.org/stable/c/bf469630552a3950d0370dd5fd1f9bf0145d09d5 •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2025-38648 – spi: stm32: Check for cfg availability in stm32_spi_probe
https://notcve.org/view.php?id=CVE-2025-38648
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: stm32: Check for cfg availability in stm32_spi_probe The stm32_spi_probe function now includes a check to ensure that the pointer returned by of_device_get_match_data is not NULL before accessing its members. This resolves a warning where a potential NULL pointer dereference could occur when accessing cfg->has_device_mode. Before accessing the 'has_device_mode' member, we verify that 'cfg' is not NULL. If 'cfg' is NULL, an error messag... • https://git.kernel.org/stable/c/fee681646fc831b154619ac0261afedcc7e671e7 •