CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38507 – HID: nintendo: avoid bluetooth suspend/resume stalls
https://notcve.org/view.php?id=CVE-2025-38507
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: avoid bluetooth suspend/resume stalls Ensure we don't stall or panic the kernel when using bluetooth-connected controllers. This was reported as an issue on android devices using kernel 6.6 due to the resume hook which had been added for usb joycons. First, set a new state value to JOYCON_CTLR_STATE_SUSPENDED in a newly-added nintendo_hid_suspend. This makes sure we will not stall out the kernel waiting for input reports duri... • https://git.kernel.org/stable/c/2af16c1f846bd60240745bbd3afa13d5f040c61a •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38506 – KVM: Allow CPU to reschedule while setting per-page memory attributes
https://notcve.org/view.php?id=CVE-2025-38506
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory (1TB+), the host can experience CPU soft lockups when running an operation in kvm_vm_set_mem_attributes() to set memory attributes on the whole range of guest memory. watchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372] CPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.1... • https://git.kernel.org/stable/c/5a475554db1e476a14216e742ea2bdb77362d5d5 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38505 – wifi: mwifiex: discard erroneous disassoc frames on STA interface
https://notcve.org/view.php?id=CVE-2025-38505
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect from the AP interface. This causes kernel warnings as the STA interface processes disconnect events that don't apply to it: [ 1303.240540] WARNING: CPU: 0 PID: 513 at net/wireless/mlme.c:141 cfg80211_process_disasso... • https://git.kernel.org/stable/c/36995892c271cce5e2230bc165a06f109b117222 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38503 – btrfs: fix assertion when building free space tree
https://notcve.org/view.php?id=CVE-2025-38503
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion when building free space tree When building the free space tree with the block group tree feature enabled, we can hit an assertion failure like this: BTRFS info (device loop0 state M): rebuilding free space tree assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102 ------------[ cut here ]------------ kernel BUG at fs/btrfs/free-space-tree.c:1102! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP Modules li... • https://git.kernel.org/stable/c/7c77df23324f60bcff0ea44392e2c82e9486640c •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38502 – bpf: Fix oob access in cgroup local storage
https://notcve.org/view.php?id=CVE-2025-38502
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size, and one program doing a tail call into the other. The verifier will validate each of the indivial programs just fine. However, in the runtime context the bpf_cg_run_ctx holds an bpf_prog_array_item which contains t... • https://git.kernel.org/stable/c/7d9c3427894fe70d1347b4820476bf37736d2ff0 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-38501 – ksmbd: limit repeated connections from clients with the same IP
https://notcve.org/view.php?id=CVE-2025-38501
16 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated connections from clients with the same IP. In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the ... • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38500 – xfrm: interface: fix use-after-free after changing collect_md xfrm interface
https://notcve.org/view.php?id=CVE-2025-38500
12 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such interfaces. The check to enforce this was done only in the case where the xi was returned from xfrmi_locate() which doesn't look for the collect_md interface, and thus the validation was never reached. Calling changelink would thus erro... • https://git.kernel.org/stable/c/abc340b38ba25cd6c7aa2c0bd9150d30738c82d0 •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2025-38499 – clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
https://notcve.org/view.php?id=CVE-2025-38499
11 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a result of MNT_LOCKED on a child, but it may also come from lacking admin rights in the userns of the namespace mount belongs to. clone_private_mnt() checks the former, but not the latter. There's a number of rat... • https://git.kernel.org/stable/c/427215d85e8d1476da1a86b8d67aceb485eb3631 •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-58238 – Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test
https://notcve.org/view.php?id=CVE-2024-58238
09 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test This fixes the tx timeout issue seen while running a stress test on btnxpuart for couple of hours, such that the interval between two HCI commands coincide with the power save timeout value of 2 seconds. Test procedure using bash script:
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-50233 – Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}
https://notcve.org/view.php?id=CVE-2022-50233
09 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be truncated or not. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL ter... • https://git.kernel.org/stable/c/dd7b8cdde098cf9f7c8de409b5b7bbb98f97be80 •