CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21830 – landlock: Handle weird files
https://notcve.org/view.php?id=CVE-2025-21830
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem (e.g. bcachefs) might return weird files. Instead of throwing a warning and allowing access to such file, treat them as regular files. In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem (e.g. bcachefs) might return weird files. Instead of throwing a warning and allowing access to such file, treat them as regular files. • https://git.kernel.org/stable/c/cb2c7d1a1776057c9a1f48ed1250d85e94d4850d •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21829 – RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"
https://notcve.org/view.php?id=CVE-2025-21829
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" The Call Trace is as below: " <TASK> ? show_regs.cold+0x1a/0x1f ? __rxe_cleanup+0x12c/0x170 [rdma_rxe] ? __warn+0x84/0xd0 ? __rxe_cleanup+0x12c/0x170 [rdma_rxe] ? • https://git.kernel.org/stable/c/215d0a755e1bcd92cbe6a71a21194ce7c82ec106 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21828 – wifi: mac80211: don't flush non-uploaded STAs
https://notcve.org/view.php?id=CVE-2025-21828
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If STA state is pre-moved to AUTHORIZED (such as in IBSS scenarios) and insertion fails, the station is freed. In this case, the driver never knew about the station, so trying to flush it is unexpected and may crash. Check if the sta was uploaded to the driver before and fix this. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If... • https://git.kernel.org/stable/c/d00800a289c9349bb659a698cbd7bc04521dc927 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21827 – Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface()
https://notcve.org/view.php?id=CVE-2025-21827
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface() The documentation for usb_driver_claim_interface() says that "the device lock" is needed when the function is called from places other than probe(). This appears to be the lock for the USB interface device. The Mediatek btusb code gets called via this path: Workqueue: hci0 hci_power_on [bluetooth] Call trace: usb_driver_claim_interface btusb_mtk_claim_iso_intf btusb_mtk_... • https://git.kernel.org/stable/c/ceac1cb0259de682d78f5c784ef8e0b13022e9d9 •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21826 – netfilter: nf_tables: reject mismatching sum of field_len with set key length
https://notcve.org/view.php?id=CVE-2025-21826
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits. Register-based arithmetics still allows for combining mismatching set key length and field length de... • https://git.kernel.org/stable/c/9cb084df01e198119de477ac691d682fb01e80f3 •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21825 – bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
https://notcve.org/view.php?id=CVE-2025-21825
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of old_element is protected by the bucket lock. The reason why the bucket lock is necessary is that the old_element has already been stashed in htab->extra_elems after alloc_htab_elem() returns. If freeing the old_element after the bucket lock is unlocked, the stashed element may be reused... • https://git.kernel.org/stable/c/b00628b1c7d595ae5b544e059c27b1f5828314b4 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58075 – crypto: tegra - do not transfer req when tegra init fails
https://notcve.org/view.php?id=CVE-2024-58075
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when memory is exhausted. It should not transfer the request when they return an error. In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when memory is exhausted. It should no... • https://git.kernel.org/stable/c/0880bb3b00c855fc244b7177ffdaafef4d0aa1e0 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58072 – wifi: rtlwifi: remove unused check_buddy_priv
https://notcve.org/view.php?id=CVE-2024-58072
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Update header file") introduced a global list of private data structures. Later on, commit 26634c4b1868 ("rtlwifi Modify existing bits to match vendor version 2013.02.07") started adding the private data to that list at probe time and added a hook, check_buddy_priv to find the private data from a similar device. However, that function was never used. Besides, thoug... • https://git.kernel.org/stable/c/26634c4b1868323f49f8cd24c3493b57819867fd •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58071 – team: prevent adding a device which is already a team device lower
https://notcve.org/view.php?id=CVE-2024-58071
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 is a lower of vlan1. This is not useful in practice and can lead to recursive locking: $ ip link add veth0 type veth peer name veth1 $ ip link set veth0 up $ ip link set veth1 up $ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1 $ ip link ad... • https://git.kernel.org/stable/c/3d249d4ca7d0ed6629a135ea1ea21c72286c0d80 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-58070 – bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT
https://notcve.org/view.php?id=CVE-2024-58070
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT is enabled. [ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: ... • https://git.kernel.org/stable/c/08a7ce384e33e53e0732c500a8af67a73f8fceca •