CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2025-37833 – net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads
https://notcve.org/view.php?id=CVE-2025-37833
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads Fix niu_try_msix() to not cause a fatal trap on sparc systems. Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to work around a bug in the hardware or firmware. For each vector entry in the msix table, niu chips will cause a fatal trap if any registers in that entry are read before that entries' ENTRY_DATA register is written to. Testing indicates writ... • https://git.kernel.org/stable/c/7d5ec3d3612396dc6d4b76366d20ab9fc06f399f •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37831 – cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()
https://notcve.org/view.php?id=CVE-2025-37831
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can retur... • https://git.kernel.org/stable/c/6286bbb40576ffadfde206c332b61345c19af57f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37830 – cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
https://notcve.org/view.php?id=CVE-2025-37830
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. Add NULL check after cpufreq_cpu_get_raw() to prevent this issue. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_g... • https://git.kernel.org/stable/c/99d6bdf3387734d75e3e34e94a58b8a355b7a9c8 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-37829 – cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
https://notcve.org/view.php?id=CVE-2025-37829
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. scpi_cpufreq_get_rate() does not check for this case, which results in a NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CP... • https://git.kernel.org/stable/c/343a8d17fa8d6dd97f408e8fedbcef12073f3774 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37828 – scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
https://notcve.org/view.php?id=CVE-2025-37828
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort() A race can occur between the MCQ completion path and the abort handler: once a request completes, __blk_mq_free_request() sets rq->mq_hctx to NULL, meaning the subsequent ufshcd_mcq_req_to_hwq() call in ufshcd_mcq_abort() can return a NULL pointer. If this NULL pointer is dereferenced, the kernel will crash. Add a NULL check for the returned hwq pointer. If hwq is NULL, log an error and r... • https://git.kernel.org/stable/c/f1304d4420777f82a1d844c606db3d9eca841765 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37826 – scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
https://notcve.org/view.php?id=CVE-2025-37826
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74736103fb41 ("scsi: ufs: core: Fix ufshcd_abort_one racing issue"). In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() Add a NULL check for the returned hwq pointer by ufshc... • https://git.kernel.org/stable/c/ab248643d3d68b30f95ee9c238a5a20a06891204 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37824 – tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
https://notcve.org/view.php?id=CVE-2025-37824
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() syzbot reported: tipc: Node number set to 1055423674 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q... • https://git.kernel.org/stable/c/28845c28f842e9e55e75b2c116bff714bb039055 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-37823 – net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
https://notcve.org/view.php?id=CVE-2025-37823
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer. In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37822 – riscv: uprobes: Add missing fence.i after building the XOL buffer
https://notcve.org/view.php?id=CVE-2025-37822
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL (execute out-of-line) buffer is used to single-step the replaced instruction(s) for uprobes. The RISC-V port was missing a proper fence.i (i$ flushing) after constructing the XOL buffer, which can result in incorrect execution of stale/broken instructions. This was found running the BPF selftests "test_progs: uprobe_autoattach, attach_probe" on the Spacemit K1/X60, wh... • https://git.kernel.org/stable/c/74784081aac8a0f3636965fc230e2d3b7cc123c6 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37820 – xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
https://notcve.org/view.php?id=CVE-2025-37820
08 May 2025 — In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() The function xdp_convert_buff_to_frame() may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or invalid data. Failing to check for NULL may lead to a NULL pointer dereference if the result is used later in processing, potentially causing crashes, data corruption, or undefined behavior. On XDP redirect f... • https://git.kernel.org/stable/c/6c5aa6fc4defc2a0977a2c59e4710d50fa1e834c •