CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-38244 – smb: client: fix potential deadlock when reconnecting channels
https://notcve.org/view.php?id=CVE-2025-38244
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when reconnecting channels Fix cifs_signal_cifsd_for_reconnect() to take the correct lock order and prevent the following deadlock from happening ====================================================== WARNING: possible circular locking dependency detected 6.16.0-rc3-build2+ #1301 Tainted: G S W ------------------------------------------------------ cifsd/6055 is trying to acquire lock: ffff88810ad5... • https://git.kernel.org/stable/c/d7d7a66aacd6fd8ca57baf08a7bac5421282f6f8 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38243 – btrfs: fix invalid inode pointer dereferences during log replay
https://notcve.org/view.php?id=CVE-2025-38243
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid inode pointer dereferences during log replay In a few places where we call read_one_inode(), if we get a NULL pointer we end up jumping into an error path, or fallthrough in case of __add_inode_ref(), where we then do something like this: iput(&inode->vfs_inode); which results in an invalid inode pointer that triggers an invalid memory access, resulting in a crash. • https://git.kernel.org/stable/c/b4c50cbb01a1b6901d2b94469636dd80fa93de81 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38242 – mm: userfaultfd: fix race of userfaultfd_move and swap cache
https://notcve.org/view.php?id=CVE-2025-38242
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: userfaultfd: fix race of userfaultfd_move and swap cache This commit fixes two kinds of races, they may have different results: Barry reported a BUG_ON in commit c50f8e6053b0, we may see the same BUG_ON if the filemap lookup returned NULL and folio is added to swap cache after that. • https://git.kernel.org/stable/c/adef440691bab824e39c1b17382322d195e1fab0 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38241 – mm/shmem, swap: fix softlockup with mTHP swapin
https://notcve.org/view.php?id=CVE-2025-38241
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix softlockup with mTHP swapin Following softlockup can be easily reproduced on my test machine with: echo always > /sys/kernel/mm/transparent_hugepage/hugepages-64kB/enabled swapon /dev/zram0 # zram0 is a 48G swap device mkdir -p /sys/fs/cgroup/memory/test echo 1G > /sys/fs/cgroup/test/memory.max echo $BASHPID > /sys/fs/cgroup/test/cgroup.procs while true; do dd if=/dev/zero of=/tmp/test.img bs=1M count=5120 cat /tm... • https://git.kernel.org/stable/c/1dd44c0af4fa1e80a4e82faa10cbf5d22da40362 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38239 – scsi: megaraid_sas: Fix invalid node index
https://notcve.org/view.php?id=CVE-2025-38239
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix invalid node index On a system with DRAM interleave enabled, out-of-bound access is detected: megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0 ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in . • https://git.kernel.org/stable/c/8049da6f3943d0ac51931b8064b2e4769a69a967 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2025-38238 – scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out
https://notcve.org/view.php?id=CVE-2025-38238
09 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. • https://git.kernel.org/stable/c/09c1e6ab4ab2a107d96f119950dc330e446dc2b0 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38237 – media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()
https://notcve.org/view.php?id=CVE-2025-38237
08 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() In fimc_is_hw_change_mode(), the function changes camera modes without waiting for hardware completion, risking corrupted data or system hangs if subsequent operations proceed before the hardware is ready. In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mod... • https://git.kernel.org/stable/c/b0d92b94278561f43057003a73a17ce13b7c1a1a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38236 – af_unix: Don't leave consecutive consumed OOB skbs.
https://notcve.org/view.php?id=CVE-2025-38236
08 Jul 2025 — [0]: BUG: KASAN: slab-use-after-free in unix_stream_read_actor (net/unix/af_unix.c:3027) Read of size 4 at addr ffff888106ef2904 by task python3/315 CPU: 2 UID: 0 PID: 315 Comm: python3 Not tainted 6.16.0-rc1-00407-gec315832f6f9 #8 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.fc42 04/01/2014 Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38235 – HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting
https://notcve.org/view.php?id=CVE-2025-38235
06 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting During appletb_kbd_probe, probe attempts to get the backlight device by name. ... In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting During appletb_kbd_probe, probe attempts to get the backlight device by name. • https://git.kernel.org/stable/c/93a0fc48948107e0cc34e1de22c3cb363a8f2783 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38234 – sched/rt: Fix race in push_rt_task
https://notcve.org/view.php?id=CVE-2025-38234
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a double lock on both CPUs' runqueues. ... asm_sysvec_reschedule_i ---truncated--- In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses t... • https://git.kernel.org/stable/c/07ecabfbca64f4f0b6071cf96e49d162fa9d138d •