CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38638 – ipv6: add a retry logic in net6_rt_notify()
https://notcve.org/view.php?id=CVE-2025-38638
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6_rt_notify() inet6_rt_notify() can be called under RCU protection only. This means the route could be changed concurrently and rt6_fill_node() could return -EMSGSIZE. Re-size the skb when this happens and retry, removing one WARN_ON() that syzbot was able to trigger: WARNING: CPU: 3 PID: 6291 at net/ipv6/route.c:6342 inet6_rt_notify+0x475/0x4b0 net/ipv6/route.c:6342 Modules linked in: CPU: 3 UID: 0 PID: 6291 C... • https://git.kernel.org/stable/c/169fd62799e8acabbfb4760799be11138ced949c •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38636 – rv: Use strings in da monitors tracepoints
https://notcve.org/view.php?id=CVE-2025-38636
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: rv: Use strings in da monitors tracepoints Using DA monitors tracepoints with KASAN enabled triggers the following warning: BUG: KASAN: global-out-of-bounds in do_trace_event_raw_event_event_da_monitor+0xd6/0x1a0 Read of size 32 at addr ffffffffaada8980 by task ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-38635 – clk: davinci: Add NULL check in davinci_lpsc_clk_register()
https://notcve.org/view.php?id=CVE-2025-38635
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Currently, davinci_lpsc_clk_register() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue and ensuring no resources are left allocated. In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davi... • https://git.kernel.org/stable/c/c6ed4d734bc7f731709dab0ffd69eed499dd5277 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-38634 – power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
https://notcve.org/view.php?id=CVE-2025-38634
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the power_supply_get_by_name() function may return `NULL` instead of an error pointer. To prevent potential null pointer dereferences, Added a null check. In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, t... • https://git.kernel.org/stable/c/eab4e6d953c1059a30ac0f15826abc7dd2374d3c •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38633 – clk: spacemit: mark K1 pll1_d8 as critical
https://notcve.org/view.php?id=CVE-2025-38633
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1_d8 as critical The pll1_d8 clock is enabled by the boot loader, and is ultimately a parent for numerous clocks, including those used by APB and AXI buses. Guodong Xu discovered that this clock got disabled while responding to getting -EPROBE_DEFER when requesting a reset controller. The needed clock (CLK_DMA, along with its parents) had already been enabled. To respond to the probe deferral return, the CLK_DMA cl... • https://git.kernel.org/stable/c/1b72c59db0add8e47fa116b21f78ed0b09a264f3 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38632 – pinmux: fix race causing mux_owner NULL with active mux_usecount
https://notcve.org/view.php?id=CVE-2025-38632
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing mux_owner NULL with active mux_usecount commit 5a3e85c3c397 ("pinmux: Use sequential access to access desc->pinmux data") tried to address the issue when two client of the same gpio calls pinctrl_select_state() for the same functionality, was resulting in NULL pointer issue while accessing desc->mux_owner. However, issue was not completely fixed due to the way it was handled and it can still result in the same NULL ... • https://git.kernel.org/stable/c/2da32aed4a97ca1d70fb8b77926f72f30ce5fb4b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38631 – clk: imx95-blk-ctl: Fix synchronous abort
https://notcve.org/view.php?id=CVE-2025-38631
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP Workqueue: events_unbound deferred_probe_work_func pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : clk_mux_get_parent+0x60/0x90 lr : clk_core_reparent_orphans_nolock+0x58/0xd8 Call trace: clk_mux_get_... • https://git.kernel.org/stable/c/5224b189462ff70df328f173b71acfd925092c3c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-38630 – fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
https://notcve.org/view.php?id=CVE-2025-38630
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref fb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot allocate a struct fb_modelist. If that happens, the modelist stays empty but the driver continues to register. Add a check for its return value to prevent poteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 ("fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_... • https://git.kernel.org/stable/c/1b6c79361ba5ce30b40f0f7d6fc2421dc5fcbe0c •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38629 – ALSA: usb: scarlett2: Fix missing NULL check
https://notcve.org/view.php?id=CVE-2025-38629
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2_input_select_ctl_info() sets up the string arrays allocated via kasprintf(), but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2_input_select_ctl_info() sets up the string arrays allocated via kasprintf(), but it miss... • https://git.kernel.org/stable/c/8eba063b5b2b498ddd01ea6f29fc9b12368c3d53 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38628 – vdpa/mlx5: Fix release of uninitialized resources on error path
https://notcve.org/view.php?id=CVE-2025-38628
22 Aug 2025 — In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5_vdpa_free() is the single entrypoint for removing the vdpa device resources added in mlx5_vdpa_dev_add(), even in the cleanup path of mlx5_vdpa_dev_add(). This means that all functions from mlx5_vdpa_free() should be able to handle uninitialized resources. This was not the case though: mlx5_vdpa_destroy_mr_resources() and mlx5_cmd... • https://git.kernel.org/stable/c/83e445e64f48bdae3f25013e788fcf592f142576 •