CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38044 – media: cx231xx: set device_caps for 417
https://notcve.org/view.php?id=CVE-2025-38044
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set device_caps for 417 The video_device for the MPEG encoder did not set device_caps. Add this, otherwise the video device can't be registered (you get a WARN_ON instead). Not seen before since currently 417 support is disabled, but I found this while experimenting with it. In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set device_caps for 417 The video_device for the MPEG encoder did no... • https://git.kernel.org/stable/c/2ad41beb7df3bd63b209842d16765ec59dafe6e4 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38041 – clk: sunxi-ng: h616: Reparent GPU clock during frequency changes
https://notcve.org/view.php?id=CVE-2025-38041
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supports dynamic frequency configuration, so we must take extra care when changing the frequency. Currently any attempt to do device DVFS on the GPU lead to panfrost various ooops, and GPU hangs. The manual describes the algorithm for changing the PLL frequency, which the CPU PLL notifier code already support, so we reuse that to... • https://git.kernel.org/stable/c/1439673b78185eaaa5fae444b3a9d58c434ee78e •
CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38040 – serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
https://notcve.org/view.php?id=CVE-2025-38040
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following splat has been observed on a SAMA5D27 platform using atmel_serial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0 preempt_count: 1, expected: 0 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [<00000000>] 0x0 hardirqs last di... • https://git.kernel.org/stable/c/68435c1fa3db696db4f480385db9e50e26691d0d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-38039 – net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled
https://notcve.org/view.php?id=CVE-2025-38039
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns `-EINVAL` and triggers a `WARN_ON`, leading to an unnecessary call trace. Update the code to handle this case more gracefully by returning `-EOPNOTSUPP` instead, while also providing a helpful user message. In the Linux kernel, the following vulnerability has been re... • https://git.kernel.org/stable/c/090c0ba179eaf7b670e720aa054533756a43d565 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38037 – vxlan: Annotate FDB data races
https://notcve.org/view.php?id=CVE-2025-38037
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as [1]. Can be reproduced using [2]. Suppress these reports by annotating these accesses using READ_ONCE() / WRITE_ONCE(). [1] BUG: KCSAN: data-race in vxlan_xmit / vxlan_xmit write to 0xffff942604d263a8 of 8 bytes by task 286 on cpu 0: vxlan_xmit+0xb29/0x2380 dev_hard_start_xmit... • https://git.kernel.org/stable/c/02a33b1035a307453a1da6ce0a1bf3676be287d7 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38034 – btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref
https://notcve.org/view.php?id=CVE-2025-38034
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref btrfs_prelim_ref() calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref is passed as NULL to trace_btrfs_prelim_ref_insert(). Note, trace_btrfs_prelim_ref_insert() is being called with newref as oldref (and oldref as NULL) on purpose in order to print out the values of newref. To reproduce: echo 1 > /sys/k... • https://git.kernel.org/stable/c/5755b6731655e248c4f1d52a2e1b18795b4a2a3a •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38024 – RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug
https://notcve.org/view.php?id=CVE-2025-38024
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38011 – drm/amdgpu: csa unmap use uninterruptible lock
https://notcve.org/view.php?id=CVE-2025-38011
18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrace. Change to use uninterruptible wait lock fix the issue. WARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525 amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu] Call Trace:
CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38004 – can: bcm: add locking for bcm_op runtime updates
https://notcve.org/view.php?id=CVE-2025-38004
08 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the 'currframe' counter is then set to zero. Although this appeared to be a safe operation the updates of 'currframe' can be triggered from user space and hrtimer context in bcm_can_tx(). Anderson Nascimento created a p... • https://git.kernel.org/stable/c/ffd980f976e7fd666c2e61bf8ab35107efd11828 •
CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38000 – sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
https://notcve.org/view.php?id=CVE-2025-38000
06 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and sch->qstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may trigger an immediate dequeue and potential packet drop. In such cases, qdisc_tree_reduce_backlog() is called, but the HFSC qdisc's qlen and backlog have not ... • https://git.kernel.org/stable/c/12d0ad3be9c3854e52ec74bb83bb6f43612827c7 •