CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21645 – platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it
https://notcve.org/view.php?id=CVE-2025-21645
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try to drop below zero and there will be an unpleasant WARN() logged: kernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug kernel: ------------[ cut here ]------------ kernel: Unbalanced IRQ 1 wake disable ker... • https://git.kernel.org/stable/c/8e60615e8932167057b363c11a7835da7f007106 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21640 – sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
https://notcve.org/view.php?id=CVE-2025-21640
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using... • https://git.kernel.org/stable/c/3c68198e75111a905ac2412be12bf7b29099729b •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21639 – sctp: sysctl: rto_min/max: avoid using current->nsproxy
https://notcve.org/view.php?id=CVE-2025-21639
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rto_min/max: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acc... • https://git.kernel.org/stable/c/4f3fdf3bc59cafd14c3bc2c2369efad34c7aa8b5 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21638 – sctp: sysctl: auth_enable: avoid using current->nsproxy
https://notcve.org/view.php?id=CVE-2025-21638
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: auth_enable: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acc... • https://git.kernel.org/stable/c/b14878ccb7fac0242db82720b784ab62c467c0dc •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21637 – sctp: sysctl: udp_port: avoid using current->nsproxy
https://notcve.org/view.php?id=CVE-2025-21637
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] using acct(2... • https://git.kernel.org/stable/c/046c052b475e7119b6a30e3483e2888fc606a2f8 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21636 – sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy
https://notcve.org/view.php?id=CVE-2025-21636
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1... • https://git.kernel.org/stable/c/d1e462a7a5f359cbb9a0e8fbfafcfb6657034105 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21635 – rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
https://notcve.org/view.php?id=CVE-2025-21635
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the reader's/writer's netns vs only from the opener's netns. - current->nsproxy can be NULL in some cases, resulting in an 'Oops' (null-ptr-deref), e.g. when the current task is exiting, as spotted by syzbot [1] u... • https://git.kernel.org/stable/c/c6a58ffed53612be86b758df1cdb0b0f4305e9cb •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21634 – cgroup/cpuset: remove kernfs active break
https://notcve.org/view.php?id=CVE-2025-21634
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfs_should_drain_open_files+0x1a1/0x1b0 RSP: 0018:ffff8881107ef9e0 EFLAGS: 00010202 RAX: 0000000080000002 RBX: ffff888154738c00 RCX: dffffc0000000000 RDX: 0000000000000007 RSI: 0000000000000004 RDI: ffff888154738c04 RBP: ffff888154738c04 R08: ffffffffaf27f... • https://git.kernel.org/stable/c/76bb5ab8f6e3e7bebdcefec4146ff305e7d0b465 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-57857 – RDMA/siw: Remove direct link to net_device
https://notcve.org/view.php?id=CVE-2024-57857
15 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Remove direct link to net_device Do not manage a per device direct link to net_device. Rely on associated ib_devices net_device management, not doubling the effort locally. A badly managed local link to net_device was causing a 'KASAN: slab-use-after-free' exception during siw_query_port() call. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/siw: eliminar el enlace directo a net_device No administrar un en... • https://git.kernel.org/stable/c/bdcf26bf9b3acb03c8f90387cfc6474fc8ac5521 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-57841 – net: fix memory leak in tcp_conn_request()
https://notcve.org/view.php?id=CVE-2024-57841
15 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in tcp_conn_request() If inet_csk_reqsk_queue_hash_add() return false, tcp_conn_request() will return without free the dst memory, which allocated in af_ops->route_req. Here is the kmemleak stack: unreferenced object 0xffff8881198631c0 (size 240): comm "softirq", pid 0, jiffies 4299266571 (age 1802.392s) hex dump (first 32 bytes): 00 10 9b 03 81 88 ff ff 80 98 da bc ff ff ff ff ................ 81 55 18 bb ff ff ff ff 0... • https://git.kernel.org/stable/c/527bec1f56ac7a2fceb8eb77eb0fc2678ecba394 •