CVSS: 5.6EPSS: %CPEs: 6EXPL: 0CVE-2025-38650 – hfsplus: remove mutex_lock check in hfsplus_free_extents
https://notcve.org/view.php?id=CVE-2025-38650
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutex_lock check in hfsplus_free_extents Syzbot reported an issue in hfsplus filesystem: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplus_free_extents+0x700/0xad0 Call Trace:
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38645 – net/mlx5: Check device memory pointer before usage
https://notcve.org/view.php?id=CVE-2025-38645
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once() fails. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm allocation in mlx5_init_once() fails. • https://git.kernel.org/stable/c/c9b9dcb430b3cd0ad2b04c360c4e528d73430481 •
CVSS: 5.6EPSS: %CPEs: 6EXPL: 0CVE-2025-38644 – wifi: mac80211: reject TDLS operations when station is not associated
https://notcve.org/view.php?id=CVE-2025-38644
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending NL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT, before association completed and without prior TDLS setup. This left internal state like sdata->u.mgd.tdls_peer uninitialized, leading to a WARN_ON() in code paths that assumed it was valid. Reject the operation early if not in station mode or not as... • https://git.kernel.org/stable/c/81dd2b8822410e56048b927be779d95a2b6dc186 •
CVSS: 5.9EPSS: %CPEs: 6EXPL: 0CVE-2025-38643 – wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
https://notcve.org/view.php?id=CVE-2025-38643
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() Callers of wdev_chandef() must hold the wiphy mutex. But the worker cfg80211_propagate_cac_done_wk() never takes the lock. Which triggers the warning below with the mesh_peer_connected_dfs test from hostapd and not (yet) released mac80211 code changes: WARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165 Modules linked in: CPU: 0 UID: 0 PID: 495 Comm: k... • https://git.kernel.org/stable/c/26ec17a1dc5ecdd8d91aba63ead6f8b5ad5dea0d •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38639 – netfilter: xt_nfacct: don't assume acct name is null-terminated
https://notcve.org/view.php?id=CVE-2025-38639
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 [..] string+0x231/0x2b0 lib/vsprintf.c:721 vsnprintf+0x739/0xf00 lib/vsprintf.c:2874 [..] nfacct_mt_checkentry+0xd2/0xe0 net/netfilter/xt_nfacct.c:41 xt_check_match+0x3d1/0xab0 net/netfilter/x_tables.c:523 nfnl_acct_find_get() handles non-null input, but ... • https://git.kernel.org/stable/c/ceb98d03eac5704820f2ac1f370c9ff385e3a9f5 •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2025-38636 – rv: Use strings in da monitors tracepoints
https://notcve.org/view.php?id=CVE-2025-38636
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: rv: Use strings in da monitors tracepoints Using DA monitors tracepoints with KASAN enabled triggers the following warning: BUG: KASAN: global-out-of-bounds in do_trace_event_raw_event_event_da_monitor+0xd6/0x1a0 Read of size 32 at addr ffffffffaada8980 by task ... Call Trace:
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38635 – clk: davinci: Add NULL check in davinci_lpsc_clk_register()
https://notcve.org/view.php?id=CVE-2025-38635
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue and ensuring no resources are left allocated. In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davi... • https://git.kernel.org/stable/c/c6ed4d734bc7f731709dab0ffd69eed499dd5277 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38634 – power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
https://notcve.org/view.php?id=CVE-2025-38634
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the power_supply_get_by_name() function may return `NULL` instead of an error pointer. To prevent potential null pointer dereferences, Added a null check. In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, t... • https://git.kernel.org/stable/c/eab4e6d953c1059a30ac0f15826abc7dd2374d3c •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2025-38630 – fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
https://notcve.org/view.php?id=CVE-2025-38630
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fb_modelist. If that happens, the modelist stays empty but the driver continues to register. Add a check for its return value to prevent poteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 ("fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_... • https://git.kernel.org/stable/c/1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c •
CVSS: 7.1EPSS: %CPEs: 2EXPL: 0CVE-2025-38627 – f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
https://notcve.org/view.php?id=CVE-2025-38627
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic The decompress_io_ctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing post_read_wq has not been executed yet due to high workloads, It is possible that the inode(f2fs_inode_info) is evicted and freed before it is used f2fs_free_dic. The UAF case as below: Thread A Thread B - f2fs_decompress_end_io - ... • https://git.kernel.org/stable/c/bff139b49d9f70c1ac5384aac94554846aa834de •