CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38302 – block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work
https://notcve.org/view.php?id=CVE-2025-38302
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work Bios queued up in the zone write plug have already gone through all all preparation in the submit_bio path, including the freeze protection. Submitting them through submit_bio_noacct_nocheck duplicates the work and can can cause deadlocks when freezing a queue with pending bio write plugs. Go straight to ->submit_bio or blk_mq_submit_bio to bypass the superfluous extra fr... • https://git.kernel.org/stable/c/9b1ce7f0c6f82e241196febabddba5fab66c8f05 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38301 – nvmem: zynqmp_nvmem: unbreak driver after cleanup
https://notcve.org/view.php?id=CVE-2025-38301
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: unbreak driver after cleanup Commit 29be47fcd6a0 ("nvmem: zynqmp_nvmem: zynqmp_nvmem_probe cleanup") changed the driver to expect the device pointer to be passed as the "context", but in nvmem the context parameter comes from nvmem_config.priv which is never set - Leading to null pointer exceptions when the device is accessed. In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: unbre... • https://git.kernel.org/stable/c/29be47fcd6a06ea2e79eeeca6e69ad1e23254a69 •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38300 – crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
https://notcve.org/view.php?id=CVE-2025-38300
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() Fix two DMA cleanup issues on the error path in sun8i_ce_cipher_prepare(): 1] If dma_map_sg() fails for areq->dst, the device driver would try to free DMA memory it has not allocated in the first place. To fix this, on the "theend_sgs" error path, call dma unmap only if the corresponding dma map was successful. 2] If the dma_map_single() call for the IV fails, the dev... • https://git.kernel.org/stable/c/06f751b613296cc34b86fc83fccaf30d646eb8bc •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38299 – ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY()
https://notcve.org/view.php?id=CVE-2025-38299
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() ETDM2_IN_BE and ETDM1_OUT_BE are defined as COMP_EMPTY(), in the case the codec dai_name will be null. Avoid a crash if the device tree is not assigning a codec to these links. [ 1.179936] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 1.181065] Mem abort info: [ 1.181420] ESR = 0x0000000096000004 [ 1.181892] EC = 0x25: DABT (current EL), IL =... • https://git.kernel.org/stable/c/e70b8dd26711704b1ff1f1b4eb3d048ba69e29da •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-38298 – EDAC/skx_common: Fix general protection fault
https://notcve.org/view.php?id=CVE-2025-38298
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: EDAC/skx_common: Fix general protection fault After loading i10nm_edac (which automatically loads skx_edac_common), if unload only i10nm_edac, then reload it and perform error injection testing, a general protection fault may occur: mce: [Hardware Error]: Machine check events logged Oops: general protection fault ... ... Workqueue: events mce_gen_pool_process RIP: 0010:string+0x53/0xe0 ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38297 – PM: EM: Fix potential division-by-zero error in em_compute_costs()
https://notcve.org/view.php?id=CVE-2025-38297
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in em_compute_costs() When the device is of a non-CPU type, table[i].performance won't be initialized in the previous em_init_performance(), resulting in division by zero when calculating costs in em_compute_costs(). Since the 'cost' algorithm is only used for EAS energy efficiency calculations and is currently not utilized by other device drivers, we should add the _is_cpu_device(dev) check to p... • https://git.kernel.org/stable/c/1b600da510735a0f92c8b4140a7e2cb037a6a6c3 •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38295 – perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create()
https://notcve.org/view.php?id=CVE-2025-38295
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() The Amlogic DDR PMU driver meson_ddr_pmu_create() function incorrectly uses smp_processor_id(), which assumes disabled preemption. This leads to kernel warnings during module loading because meson_ddr_pmu_create() can be called in a preemptible context. Following kernel warning and stack trace: [ 31.745138] [ T2289] BUG: using smp_processor_id() i... • https://git.kernel.org/stable/c/2016e2113d35ba06866961a39e9a9c822f2ffabd •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-38293 – wifi: ath11k: fix node corruption in ar->arvifs list
https://notcve.org/view.php?id=CVE-2025-38293
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath11k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an invalid list node. Because the prev of that node still points to the list head "arvifs", but the next of the list head "arvifs" no longer points to that list node. When a WLAN recovery occurs during the execution o... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38292 – wifi: ath12k: fix invalid access to memory
https://notcve.org/view.php?id=CVE-2025-38292
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation accessed again which is wrong since the memory is already freed. This might lead use-after-free error. Hence, fix by locally defining bool is_continuation from rxcb, so that after freeing skb, is_continuation can be used. Compile tested o... • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38290 – wifi: ath12k: fix node corruption in ar->arvifs list
https://notcve.org/view.php?id=CVE-2025-38290
10 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath12k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an invalid list node. Because the prev of that node still points to the list head "arvifs", but the next of the list head "arvifs" no longer points to that list node. When a WLAN recovery occurs during the execution o... • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 •