CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21943 – gpio: aggregator: protect driver attr handlers against module unload
https://notcve.org/view.php?id=CVE-2025-21943
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both new_device_store and delete_device_store touch module global resources (e.g. gpio_aggregator_lock). ... ---[ end trace 0000000000000000 ]--- In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both new_device_store and delete_device_store touch module global reso... • https://git.kernel.org/stable/c/828546e24280f721350a7a0dcc92416e917b4382 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21942 – btrfs: zoned: fix extent range end unlock in cow_file_range()
https://notcve.org/view.php?id=CVE-2025-21942
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix extent range end unlock in cow_file_range() Running generic/751 on the for-next branch often results in a hang like below. ... In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix extent range end unlock in cow_file_range() Running generic/751 on the for-next branch often results in a hang like below. • https://git.kernel.org/stable/c/692cf71173bb41395c855acbbbe197d3aedfa5d4 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21941 – drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params
https://notcve.org/view.php?id=CVE-2025-21941
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference issue could occur when pipe_ctx->plane_state is null. ... (cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092) In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Null pointer dereference iss... • https://git.kernel.org/stable/c/3be5262e353b8ab97c528bfc7d0dd3c820e4ba27 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21940 – drm/amdkfd: Fix NULL Pointer Dereference in KFD queue
https://notcve.org/view.php?id=CVE-2025-21940
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfd_queue_acquire_buffers. (cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530) In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when callin... • https://git.kernel.org/stable/c/629568d25fea8ece4f65073f039aeef4e240ab67 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21939 – drm/xe/hmm: Don't dereference struct page pointers without notifier lock
https://notcve.org/view.php?id=CVE-2025-21939
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmm_range_fault() point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is that the notifier lock must be held and the notifier seqno is still valid. ... (Matthew Auld) (cherry picked from commit ea3e66d280ce2576664a862693d1da8fd324c317) In the Linux kernel, the followin... • https://git.kernel.org/stable/c/81e058a3e7fd8593d076b4f26f7b8bb49f1d61e3 •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21938 – mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
https://notcve.org/view.php?id=CVE-2025-21938
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcp_pm_nl_append_new_local_addr because none found the address in local_addr_list during their call to mptcp_pm_nl_get_local_id. In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while ato... • https://git.kernel.org/stable/c/d045b9eb95a9b611c483897a69e7285aefdc66d7 •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21937 – Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
https://notcve.org/view.php?id=CVE-2025-21937
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() in mgmt_remote_name() to prevent null pointer dereference. • https://git.kernel.org/stable/c/ba17bb62ce415950753c19d16bb43b2bd3701158 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21936 – Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()
https://notcve.org/view.php?id=CVE-2025-21936
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer derefer... • https://git.kernel.org/stable/c/e96741437ef0a5d18144e790ac894397efda0924 •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21935 – rapidio: add check for rio_add_net() in rio_scan_alloc_net()
https://notcve.org/view.php?id=CVE-2025-21935
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rio_add_net() in rio_scan_alloc_net() The return value of rio_add_net() should be checked. ... • https://git.kernel.org/stable/c/e6b585ca6e81badeb3d42db3cc408174f2826034 •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21934 – rapidio: fix an API misues when rio_add_net() fails
https://notcve.org/view.php?id=CVE-2025-21934
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rio_add_net() fails rio_add_net() calls device_register() and fails when device_register() fails. ... • https://git.kernel.org/stable/c/e8de370188d098bb49483c287b44925957c3c9b6 •