CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38296 – ACPI: platform_profile: Avoid initializing on non-ACPI platforms
https://notcve.org/view.php?id=CVE-2025-38296
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: platform_profile: Avoid initializing on non-ACPI platforms The platform profile driver is loaded even on platforms that do not have ACPI enabled. ... • https://git.kernel.org/stable/c/77be5cacb2c2d8c3ddd069f0b4e9408f553af1d8 •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38295 – perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create()
https://notcve.org/view.php?id=CVE-2025-38295
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() The Amlogic DDR PMU driver meson_ddr_pmu_create() function incorrectly uses smp_processor_id(), which assumes disabled preemption. In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() The Amlogic DDR PMU driver meson_ddr_pmu_... • https://git.kernel.org/stable/c/2016e2113d35ba06866961a39e9a9c822f2ffabd •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38294 – wifi: ath12k: fix NULL access in assign channel context handler
https://notcve.org/view.php?id=CVE-2025-38294
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when ath12k_mac_assign_vif_to_vdev() fails, the radio handle (ar) gets accessed from the link VIF handle (arvif) for debug logging, This is incorrect. ... Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1 Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3 In the Linux kernel, the following vulnerabili... • https://git.kernel.org/stable/c/90570ba4610bdb1db39ef45f2b271a9f89680a9d •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-38293 – wifi: ath11k: fix node corruption in ar->arvifs list
https://notcve.org/view.php?id=CVE-2025-38293
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes the "arvifs" list head. ... Tested-on: QCA6698AQ hw2.1 PCI WLAN.HSP.1.1-04591-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitialize... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38292 – wifi: ath12k: fix invalid access to memory
https://notcve.org/view.php?id=CVE-2025-38292
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38291 – wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash
https://notcve.org/view.php?id=CVE-2025-38291
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash Currently, we encounter the following kernel call trace when a firmware crash occurs. ... __sys_sendmsg+0x7a/0xc0 Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash Currently, we encounter... • https://git.kernel.org/stable/c/a9b46dd2e483bf99fa09e6aeea7701960abaa902 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38290 – wifi: ath12k: fix node corruption in ar->arvifs list
https://notcve.org/view.php?id=CVE-2025-38290
10 Jul 2025 — Call trace: __list_del_entry_valid_or_report+0xd4/0x100 (P) ath12k_mac_remove_link_interface.isra.0+0xf8/0x2e4 [ath12k] ath12k_scan_vdev_clean_work+0x40/0x164 [ath12k] cfg80211_wiphy_work+0xfc/0x100 process_one_work+0x164/0x2d0 worker_thread+0x254/0x380 kthread+0xfc/0x100 ret_from_fork+0x10/0x20 The change is mostly copied from the ath11k patch: https://lore.kernel.org/all/20250320053145.3445187-1-quic_stonez@quicinc.com/ Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1 In the Linux... • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38289 – scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk
https://notcve.org/view.php?id=CVE-2025-38289
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp oject in dev_loss_tmo_callbk during driver unload or fatal error handling. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp oject in dev_loss_tmo_callbk during d... • https://git.kernel.org/stable/c/e4913d4bc59227fbdfe6b8f5541f49aaea1cb41c •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38288 – scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels
https://notcve.org/view.php?id=CVE-2025-38288
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels Correct kernel call trace when calling smp_processor_id() when called in preemptible kernels by using raw_smp_processor_id(). In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels Correct kernel call trace when calling smp_processor_id() when called in preemptible ker... • https://git.kernel.org/stable/c/283dcc1b142ebd60786f8f5e3fbbd53a51035739 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38287 – IB/cm: Drop lockdep assert and WARN when freeing old msg
https://notcve.org/view.php?id=CVE-2025-38287
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cm_id has advanced to another message. ... In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cm_id has advanced to another message. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/1e5159219076ddb2e44338c667c83fd1bd43dfef •