CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37846 – arm64: mops: Do not dereference src reg for a set operation
https://notcve.org/view.php?id=CVE-2025-37846
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation The source register is not used for SET* and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET* sequence with XZR (reg 31) as the source. Architecturally this is the only case where a src/dst/size field in the ESR can be reported as 31. Prior to 2de451a329cf662b the code in do_el0_mops() was benign as the use... • https://git.kernel.org/stable/c/2de451a329cf662beeba71f63c7f83ee24ca6642 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37845 – tracing: fprobe events: Fix possible UAF on modules
https://notcve.org/view.php?id=CVE-2025-37845
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 ("tracing: tprobe-events: Fix leakage of module refcount") moved try_module_get() from __find_tracepoint_module_cb() to find_tracepoint() caller, but that introduced a possible UAF because the module can be unloaded before try_module_get(). In this case, the module object should be freed too. Thus, try_module_get() does not only fail but may access to the freed object. ... • https://git.kernel.org/stable/c/71c9cf87776eaa556fc0a0a060df94200e1f521c •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2025-37844 – cifs: avoid NULL pointer dereference in dbg call
https://notcve.org/view.php?id=CVE-2025-37844
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/e79b0332ae06b4895dcecddf4bbc5d3917e9383c •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37843 – PCI: pciehp: Avoid unnecessary device replacement check
https://notcve.org/view.php?id=CVE-2025-37843
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pci_lock_rescan_remove(), then waits for pciehp to unbind from a child hotplug port. Meanwhile that child hotplug port tries to acquire pci_lock_rescan_remove() as well in order to remove its own children. The deadlock only occurs if the paren... • https://git.kernel.org/stable/c/9d573d19547b3fae0c1d4e5fce52bdad3fda3664 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-37842 – spi: fsl-qspi: use devm function instead of driver remove
https://notcve.org/view.php?id=CVE-2025-37842
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi controller, but the legacy remove function will be called first during device detach and trigger kernel panic. Drop the remove function and use devm_add_action_or_reset() for driver cleanup to ensure the release sequence. Trigger kernel panic on i.MX8MQ by echo 30bb0000.spi >/sys/bus/platform/drivers/fsl-quadspi/un... • https://git.kernel.org/stable/c/8fcb830a00f0980ffe38d223cdd9a4d2d24da476 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2025-37841 – pm: cpupower: bench: Prevent NULL dereference on malloc failure
https://notcve.org/view.php?id=CVE-2025-37841
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: pm: cpupower: bench: Prevent NULL dereference on malloc failure If malloc returns NULL due to low memory, 'config' pointer can be NULL. Add a check to prevent NULL dereference. • https://git.kernel.org/stable/c/34a9394794b0f97af6afedc0c9ee2012c24b28ed •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2025-37840 – mtd: rawnand: brcmnand: fix PM resume warning
https://notcve.org/view.php?id=CVE-2025-37840
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: fix PM resume warning Fixed warning on PM resume as shown below caused due to uninitialized struct nand_operation that checks chip select field : WARN_ON(op->cs >= nanddev_ntargets(&chip->base) [ 14.588522] ------------[ cut here ]------------ [ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8 [ 14.588553] Modules linked in: bdc udc_core [ 14.588579] CPU: 0 UID: 0... • https://git.kernel.org/stable/c/97d90da8a886949f09bb4754843fb0b504956ad2 •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2025-37839 – jbd2: remove wrong sb->s_sequence check
https://notcve.org/view.php?id=CVE-2025-37839
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 (which is set a few lines above). Furthermore 0 is a valid transaction ID so the check can spuriously trigger. Remove the invalid WARN_ON. • https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2025-37837 – iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()
https://notcve.org/view.php?id=CVE-2025-37837
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() Two WARNINGs are observed when SMMU driver rolls back upon failure: arm-smmu-v3.9.auto: Failed to register iommu arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed with error -22 ------------[ cut here ]------------ WARNING: CPU: 5 PID: 1 at kernel/dma/mapping.c:74 dmam_free_coherent+0xc0/0xd8 Call trace: dmam_free_coherent+0xc0/0xd8 (P) tegra241_vintf_free_lvcmdq+0x74/0x1... • https://git.kernel.org/stable/c/483e0bd8883a40fd3dd3193997a4014337698d72 •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2025-37836 – PCI: Fix reference leak in pci_register_host_bridge()
https://notcve.org/view.php?id=CVE-2025-37836
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fails, call put_device() to give up the reference to avoid a memory leak, per the comment at device_register(). Found by code review. [bhelgaas: squash Dan Carpenter's double free fix from https://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain] • https://git.kernel.org/stable/c/37d6a0a6f4700ad3ae7bbf8db38b4557e97b3fe4 •