CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37840 – mtd: rawnand: brcmnand: fix PM resume warning
https://notcve.org/view.php?id=CVE-2025-37840
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: fix PM resume warning Fixed warning on PM resume as shown below caused due to uninitialized struct nand_operation that checks chip select field : WARN_ON(op->cs >= nanddev_ntargets(&chip->base) [ 14.588522] ------------[ cut here ]------------ [ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8 [ 14.588553] Modules linked in: bdc udc_core [ 14.588579] CPU: 0 UID: 0... • https://git.kernel.org/stable/c/97d90da8a886949f09bb4754843fb0b504956ad2 •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37839 – jbd2: remove wrong sb->s_sequence check
https://notcve.org/view.php?id=CVE-2025-37839
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 (which is set a few lines above). Furthermore 0 is a valid transaction ID so the check can spuriously trigger. Remove the invalid WARN_ON. In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rath... • https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-37836 – PCI: Fix reference leak in pci_register_host_bridge()
https://notcve.org/view.php?id=CVE-2025-37836
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fails, call put_device() to give up the reference to avoid a memory leak, per the comment at device_register(). Found by code review. [bhelgaas: squash Dan Carpenter's double free fix from https://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain] In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_... • https://git.kernel.org/stable/c/37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37834 – mm/vmscan: don't try to reclaim hwpoison folio
https://notcve.org/view.php?id=CVE-2025-37834
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows: Injecting memory failure for pfn 0x18b00e at process virtual address 0x20ffd000 Memory failure: 0x18b00e: dirty swapcache page still referenced by 2 users Memory failure: 0x18b00e: recovery action for dirty swapcache page: Failed page: refcount:2 mapcount:0 mapping:0000000000000000 index:0x20ffd pfn:0x18b00e memcg:ffff0000dd6d9000 anon flags: 0x5ffffe00482011... • https://git.kernel.org/stable/c/1c9798bf8145a92abf45aa9d38a6406d9eb8bdf0 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2025-37833 – net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads
https://notcve.org/view.php?id=CVE-2025-37833
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads Fix niu_try_msix() to not cause a fatal trap on sparc systems. Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to work around a bug in the hardware or firmware. For each vector entry in the msix table, niu chips will cause a fatal trap if any registers in that entry are read before that entries' ENTRY_DATA register is written to. Testing indicates writ... • https://git.kernel.org/stable/c/7d5ec3d3612396dc6d4b76366d20ab9fc06f399f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37830 – cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
https://notcve.org/view.php?id=CVE-2025-37830
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. Add NULL check after cpufreq_cpu_get_raw() to prevent this issue. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_g... • https://git.kernel.org/stable/c/99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-37829 – cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
https://notcve.org/view.php?id=CVE-2025-37829
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scpi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CP... • https://git.kernel.org/stable/c/343a8d17fa8d6dd97f408e8fedbcef12073f3774 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37824 – tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
https://notcve.org/view.php?id=CVE-2025-37824
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() syzbot reported: tipc: Node number set to 1055423674 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q... • https://git.kernel.org/stable/c/28845c28f842e9e55e75b2c116bff714bb039055 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-37823 – net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
https://notcve.org/view.php?id=CVE-2025-37823
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer. In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37820 – xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
https://notcve.org/view.php?id=CVE-2025-37820
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() The function xdp_convert_buff_to_frame() may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or invalid data. Failing to check for NULL may lead to a NULL pointer dereference if the result is used later in processing, potentially causing crashes, data corruption, or undefined behavior. On XDP redirect f... • https://git.kernel.org/stable/c/6c5aa6fc4defc2a0977a2c59e4710d50fa1e834c •