CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53448 – fbdev: imxfb: Removed unneeded release_mem_region
https://notcve.org/view.php?id=CVE-2023-53448
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, which could avoid resource leak or other unexpected issues. In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, wh... • https://git.kernel.org/stable/c/b083c22d51148f3d3028291343196471be5d9f36 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50424 – wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability()
https://notcve.org/view.php?id=CVE-2022-50424
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability() Fixed coverity issue with resource leaks at variable "fw" going out of scope leaks the storage it points to mt7921_check_offload_capability(). Addresses-Coverity-ID: 1527806 ("Resource leaks") In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability() Fixed coverity issue with resource leak... • https://git.kernel.org/stable/c/034ae28b56f13dc1f2beb3fa294b455f57ede9cb •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-39927 – ceph: fix race condition validating r_parent before applying state
https://notcve.org/view.php?id=CVE-2025-39927
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ceph: fix race condition validating r_parent before applying state Add validation to ensure the cached parent directory inode matches the directory info in MDS replies. This prevents client-side race conditions where concurrent operations (e.g. rename) cause r_parent to become stale between request initiation and reply processing, which could lead to applying state changes to incorrect directory inodes. [ idryomov: folded a kerneldoc fixup ... • https://git.kernel.org/stable/c/9030aaf9bf0a1eee47a154c316c789e959638b0f • CWE-364: Signal Handler Race Condition •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-39925 – can: j1939: implement NETDEV_UNREGISTER notification handler
https://notcve.org/view.php?id=CVE-2025-39925
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEV_UNREGISTER notification handler syzbot is reporting unregister_netdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEV_UNREGISTER notification handler for undoing changes made by j1939_sk_bind(). Commit 25fe97cb7620 ("can: j1939: move j1939_priv_put() into sk_destruct callback") expects that a call to j1939_priv_put() can be unconditionally delayed until j1939... • https://git.kernel.org/stable/c/9d71dd0c70099914fcd063135da3c580865e924c •
CVSS: 6.6EPSS: 0%CPEs: 11EXPL: 0CVE-2025-39923 – dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees
https://notcve.org/view.php?id=CVE-2025-39923
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees When we don't have a clock specified in the device tree, we have no way to ensure the BAM is on. This is often the case for remotely-controlled or remotely-powered BAM instances. In this case, we need to read num-channels from the DT to have all the necessary information to complete probing. However, at the moment invalid device trees without clock and without num-channels... • https://git.kernel.org/stable/c/48d163b1aa6e7f650c0b7a4f9c61c387a6def868 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-39920 – pcmcia: Add error handling for add_interval() in do_validate_mem()
https://notcve.org/view.php?id=CVE-2025-39920
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for add_interval() in do_validate_mem() In the do_validate_mem(), the call to add_interval() does not handle errors. If kmalloc() fails in add_interval(), it could result in a null pointer being inserted into the linked list, leading to illegal memory access when sub_interval() is called next. This patch adds an error handling for the add_interval(). If add_interval() returns an error, the function will return ear... • https://git.kernel.org/stable/c/7b4884ca8853a638df0eb5d251d80d67777b8b1a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-39916 – mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters()
https://notcve.org/view.php?id=CVE-2025-39916
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() When creating a new scheme of DAMON_RECLAIM, the calculation of 'min_age_region' uses 'aggr_interval' as the divisor, which may lead to division-by-zero errors. Fix it by directly returning -EINVAL when such a case occurs. In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() Whe... • https://git.kernel.org/stable/c/f5a79d7c0c87c8d88bb5e3f3c898258fdf1b3b05 •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-39914 – tracing: Silence warning when chunk allocation fails in trace_pid_write
https://notcve.org/view.php?id=CVE-2025-39914
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Silence warning when chunk allocation fails in trace_pid_write Syzkaller trigger a fault injection warning: WARNING: CPU: 1 PID: 12326 at tracepoint_add_func+0xbfc/0xeb0 Modules linked in: CPU: 1 UID: 0 PID: 12326 Comm: syz.6.10325 Tainted: G U 6.14.0-rc5-syzkaller #0 Tainted: [U]=USER Hardware name: Google Compute Engine/Google Compute Engine RIP: 0010:tracepoint_add_func+0xbfc/0xeb0 kernel/tracepoint.c:294 Code: 09 fe ff 90 0f 0b... • https://git.kernel.org/stable/c/8d6e90983ade25ec7925211ac31d9ccaf64b7edf •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 1CVE-2025-39913 – tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork.
https://notcve.org/view.php?id=CVE-2025-39913
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes) 2. Attach the prog to a SOCKMAP 3. Add a socket to the SOCKMAP 4. Activate fault injection 5. • https://packetstorm.news/files/id/210539 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2025-39911 – i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path
https://notcve.org/view.php?id=CVE-2025-39911
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path If request_irq() in i40e_vsi_request_irq_msix() fails in an iteration later than the first, the error path wants to free the IRQs requested so far. However, it uses the wrong dev_id argument for free_irq(), so it does not free the IRQs correctly and instead triggers the warning: Trying to free already-free IRQ 173 WARNING: CPU: 25 PID: 1091 at kernel/irq/manage.c:1829 __free_irq+... • https://git.kernel.org/stable/c/493fb30011b3ab5173cef96f1d1ce126da051792 •