CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21973 – eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}
https://notcve.org/view.php?id=CVE-2025-21973
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_ops are called. ... xa_find+0x8b/0xe0 netdev_nl_qstats_get_dumpit+0xbf/0x1e0 genl_dumpit+0x31/0x90 netlink_dump+0x1a8/0x360 In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, call... • https://git.kernel.org/stable/c/af7b3b4adda592cb49e202f3617454d5dda4c5b5 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21972 – net: mctp: unshare packets when reassembling
https://notcve.org/view.php?id=CVE-2025-21972
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the frag_list used for reassembly isn't shared with other packets. ... In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the frag_list used for reassembly isn't shared with other packets. • https://git.kernel.org/stable/c/4a992bbd365094730a31bae1e12a6ca695336d57 •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21971 – net_sched: Prevent creation of classes with TC_H_ROOT
https://notcve.org/view.php?id=CVE-2025-21971
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up ... • https://git.kernel.org/stable/c/066a3b5b2346febf9a655b444567b7138e3bb939 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21970 – net/mlx5: Bridge, fix the crash caused by LAG state check
https://notcve.org/view.php?id=CVE-2025-21970
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEV_CHANGEUPPER event is triggered. ... kthread_park+0x80/0x80 ret_from_fork_asm+0x11/0x20 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEV_CHANGEUPPER event is triggered. ... kthread_park+0x80/0x80 re... • https://git.kernel.org/stable/c/ff9b7521468bc2909293c1cda66a245a49688f6f •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21969 – Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
https://notcve.org/view.php?id=CVE-2025-21969
01 Apr 2025 — [1] BUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954 Read of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837 CPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: hci1 hci_rx_work Call Trace:
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21968 – drm/amd/display: Fix slab-use-after-free on hdcp_work
https://notcve.org/view.php?id=CVE-2025-21968
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcp_work [Why] A slab-use-after-free is reported when HDCP is destroyed but the property_validate_dwork queue is still running. ... (cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128) In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcp_work [Why] A slab-use-after-free is reported when HDCP is destroyed... • https://git.kernel.org/stable/c/da3fd7ac0bcf372cc57117bdfcd725cca7ef975a •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21967 – ksmbd: fix use-after-free in ksmbd_free_work_struct
https://notcve.org/view.php?id=CVE-2025-21967
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_free_work_struct ->interim_entry of ksmbd_work could be deleted after oplock is freed. We don't need to manage it with linked list. ... In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbd_free_work_struct ->interim_entry of ksmbd_work could be deleted after oplock is freed. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21966 – dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature
https://notcve.org/view.php?id=CVE-2025-21966
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Fix memory corruption due to incorrect parameter being passed to bio_init • https://git.kernel.org/stable/c/1d9a943898533e83f20370c0e1448d606627522e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21965 – sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl()
https://notcve.org/view.php?id=CVE-2025-21965
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl() If a BPF scheduler provides an invalid CPU (outside the nr_cpu_ids range) as prev_cpu to scx_bpf_select_cpu_dfl() it can cause a kernel crash. In the Linux kernel, the following vulnerability has been resolved: sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl() If a BPF scheduler provides an invalid CPU (outside the nr_cpu_ids range) as prev_cpu to scx_bpf_select_c... • https://git.kernel.org/stable/c/f0e1a0643a59bf1f922fa209cec86a170b784f3f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21964 – cifs: Fix integer overflow while processing acregmax mount option
https://notcve.org/view.php?id=CVE-2025-21964
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies which can lead to an integer overflow. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter... • https://git.kernel.org/stable/c/5780464614f6abe6026f00cf5a0777aa453ba450 •