CVSS: 6.6EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21920 – vlan: enforce underlying device type
https://notcve.org/view.php?id=CVE-2025-21920
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to usermode. When creating a VLAN device, we initialize GARP (garp_init_applicant) and MRP (mrp_init_applicant) for the underlying device. As part of the initialization process, we add the multicast address of each app... • https://git.kernel.org/stable/c/22bedad3ce112d5ca1eaf043d4990fa2ed698c87 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21912 – gpio: rcar: Use raw_spinlock to protect register access
https://notcve.org/view.php?id=CVE-2025-21912
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use raw_spinlock to protect register access Use raw_spinlock in order to fix spurious messages about invalid context when spinlock debugging is enabled. The lock is only used to serialize register access. [ 4.239592] ============================= [ 4.239595] [ BUG: Invalid wait context ] [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted [ 4.239603] ----------------------------- [ 4.239606] kworker/u8:5/76 ... • https://git.kernel.org/stable/c/7c1f36f9c9aca507d317479a3d3388150ae40a87 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21910 – wifi: cfg80211: regulatory: improve invalid hints checking
https://notcve.org/view.php?id=CVE-2025-21910
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue [1] that occurs when erroneous symbols sent from userspace get through into user_alpha2[] via regulatory_hint_user() call. Such invalid regulatory hints should be rejected. While a sanity check from commit 47caf685a685 ("cfg80211: regulatory: reject invalid hints") looks to be enough to deter these very cases, there is a way to get around it due to 2 ... • https://git.kernel.org/stable/c/09d989d179d0c679043556dda77c51b41a2dae7e •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21909 – wifi: nl80211: reject cooked mode if it is set along with other flags
https://notcve.org/view.php?id=CVE-2025-21909
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject cooked mode if it is set along with other flags It is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE flags simultaneously on the same monitor interface from the userspace. This causes a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit set because the monitor interface is in the cooked state and it takes precedence over all other states. When the interface is then being deleted th... • https://git.kernel.org/stable/c/66f7ac50ed7cc5c19a62bc97e8f6e7891004a03a •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53008 – cifs: fix potential memory leaks in session setup
https://notcve.org/view.php?id=CVE-2023-53008
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting. In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting. • https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53001 – drm/drm_vma_manager: Add drm_vma_node_allow_once()
https://notcve.org/view.php?id=CVE-2023-53001
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/drm_vma_manager: Add drm_vma_node_allow_once() Currently there is no easy way for a drm driver to safely check and allow drm_vma_offset_node for a drm file just once. Allow drm drivers to call non-refcounted version of drm_vma_node_allow() so that a driver doesn't need to keep track of each drm_vma_node_allow() to call subsequent drm_vma_node_revoke() to prevent memory leak. In the Linux kernel, the following vulnerability has been reso... • https://git.kernel.org/stable/c/67444f8ca31cdaf45e0b761241ad49b1ae04bcf9 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53000 – netlink: prevent potential spectre v1 gadgets
https://notcve.org/view.php?id=CVE-2023-53000
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype) { /* error or continue */ } @type is then used as an array index and can be used as a Spectre v1 gadget. array_index_nospec() can be used to prevent leaking content of kernel memory to malicious users. This should take care of vast majority of ... • https://git.kernel.org/stable/c/bfa83a9e03cf8d501c6272999843470afecb32ed •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52993 – x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
https://notcve.org/view.php?id=CVE-2023-52993
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in the periodic tick code. This happens because the legacy timer interrupt (IRQ0) is resent in software which happens in soft interrupt (tasklet) context. In this context get_irq_regs() returns NULL which leads to the NULL pointer derefere... • https://git.kernel.org/stable/c/a4633adcdbc15ac51afcd0e1395de58cee27cf92 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52992 – bpf: Skip task with pid=1 in send_signal_common()
https://notcve.org/view.php?id=CVE-2023-52992
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see [1] for more details: Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b CPU: 3 PID: 1 Comm: systemd Not tainted 6.1.0-09652-g59fe41b5255f #148 Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52989 – firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region
https://notcve.org/view.php?id=CVE-2023-52989
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem have had an issue of use-after-free. The subsystem allows multiple user space listeners to the region, while data of the payload was likely released before the listeners execute read(2) to access to it for copying to user space. The... • https://git.kernel.org/stable/c/281e20323ab72180137824a298ee9e21e6f9acf6 •