CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0CVE-2025-23136 – thermal: int340x: Add NULL check for adev
https://notcve.org/view.php?id=CVE-2025-23136
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 ("platform/x86: int3472: Check for adev == NULL"). ... Note, under the same directory, int3400_thermal_probe() has such a check. [ rjw: Subject edit, added Fixes: ] In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev ... • https://git.kernel.org/stable/c/77e337c6e23e3b9d22e09ffec202a80f755a54c2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23135 – RISC-V: KVM: Teardown riscv specific bits after kvm_exit
https://notcve.org/view.php?id=CVE-2025-23135
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Teardown riscv specific bits after kvm_exit During a module removal, kvm_exit invokes arch specific disable call which disables AIA. ... In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Teardown riscv specific bits after kvm_exit During a module removal, kvm_exit invokes arch specific disable call which disables AIA. • https://git.kernel.org/stable/c/54e43320c2ba0c70258a3aea690da38c6ea3293c •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-23134 – ALSA: timer: Don't take register_mutex with copy_from/to_user()
https://notcve.org/view.php?id=CVE-2025-23134
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take register_mutex with copy_from/to_user() The infamous mmap_lock taken in copy_from/to_user() can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take register_mutex with copy_from/to_user() The infamous mmap_lock taken in copy_from/to_user() can be often problematic when it'... • https://git.kernel.org/stable/c/3923de04c81733b30b8ed667569632272fdfed9a •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-23133 – wifi: ath11k: update channel list in reg notifier instead reg worker
https://notcve.org/view.php?id=CVE-2025-23133
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue reg_work. 2. cfg80211 handles new channel list during reg_work. 3. update cfg80211's handled channel list to firmware by ath11k_reg_update_chan_list(). ... • https://git.kernel.org/stable/c/f45cb6b29cd36514e13f7519770873d8c0457008 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23132 – f2fs: quota: fix to avoid warning in dquot_writeback_dquots()
https://notcve.org/view.php?id=CVE-2025-23132
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix to avoid warning in dquot_writeback_dquots() F2FS-fs (dm-59): checkpoint=enable has some unwritten data. In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix to avoid warning in dquot_writeback_dquots() F2FS-fs (dm-59): checkpoint=enable has some unwritten data. • https://git.kernel.org/stable/c/af033b2aa8a874fd5737fafe90d159136527b5b4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23131 – dlm: prevent NPD when writing a positive value to event_done
https://notcve.org/view.php?id=CVE-2025-23131
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: dlm: prevent NPD when writing a positive value to event_done do_uevent returns the value written to event_done. ... In the Linux kernel, the following vulnerability has been resolved: dlm: prevent NPD when writing a positive value to event_done do_uevent returns the value written to event_done. • https://git.kernel.org/stable/c/8511a2728ab82cab398e39d019f5cf1246021c1c •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23130 – f2fs: fix to avoid panic once fallocation fails for pinfile
https://notcve.org/view.php?id=CVE-2025-23130
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic once fallocation fails for pinfile syzbot reports a f2fs bug as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2746!... In addition, do below changes to enhance error path handling: - call f2fs_bug_on() only in non-pinfile allocation path in get_new_segment(). - call reset_curseg_fields() to reset all fields of curseg in new_curseg() In the Linux kernel, the following vulne... • https://git.kernel.org/stable/c/f5a53edcf01eae21dc3ef1845515229e8459e5cc •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-23129 – wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path
https://notcve.org/view.php?id=CVE-2025-23129
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path If a shared IRQ is used by the driver due to platform limitation, then the IRQ affinity hint is set right after the allocation of IRQ vectors in ath11k_pci_alloc_msi(). ... Tested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Clear affinity ... • https://git.kernel.org/stable/c/39564b475ac5a589e6c22c43a08cbd283c295d2c •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22128 – wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path
https://notcve.org/view.php?id=CVE-2025-22128
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path If a shared IRQ is used by the driver due to platform limitation, then the IRQ affinity hint is set right after the allocation of IRQ vectors in ath12k_pci_msi_alloc(). In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path If a shared IRQ is used... • https://git.kernel.org/stable/c/a3012f206d07fa62b5c2e384cbc3a81a4dbba3c9 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22127 – f2fs: fix potential deadloop in prepare_compress_overwrite()
https://notcve.org/view.php?id=CVE-2025-22127
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in prepare_compress_overwrite() Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel (6.14.0-rc3, 6.12) I encountered a problem in generic/475 test where fsstress process gets blocked in __f2fs_write_data_pages() and the test hangs. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in prepare_compress... • https://git.kernel.org/stable/c/4c8ff7095bef64fc47e996a938f7d57f9e077da3 •