CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58055 – usb: gadget: f_tcm: Don't free command immediately
https://notcve.org/view.php?id=CVE-2024-58055
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. • https://git.kernel.org/stable/c/cff834c16d23d614388aab1b86d19eb67b3f80c4 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58054 – staging: media: max96712: fix kernel oops when removing module
https://notcve.org/view.php?id=CVE-2024-58054
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: Unable to handle kernel paging request at virtual address 00007375746174db Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault Data abort info: ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 CM = 0, ... • https://git.kernel.org/stable/c/5814f32fef137e34577c4f053272c53e7ca33cd9 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-58053 – rxrpc: Fix handling of received connection abort
https://notcve.org/view.php?id=CVE-2024-58053
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is at the connection level, it needs propagating to the calls on that connection. Whilst the propagation bit is performed, the calls aren't then woken up to go and process their termination, and as no further input is forthcoming, they just hang. Also add some tracing for the logging of connection aborts. En el kerne... • https://git.kernel.org/stable/c/248f219cb8bcbfbd7f132752d44afa2df7c241d1 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58052 – drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table
https://notcve.org/view.php?id=CVE-2024-58052
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to retrieve SMU_Info table, it returns NULL which is later dereferenced. Found by Linux Verification Center (linuxtesting.org) with SVACE. In practice this should never happen as this code only gets called on p... • https://git.kernel.org/stable/c/a23eefa2f4615af91ea496ca5b55c9e7c6fa934c •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58051 – ipmi: ipmb: Add check devm_kasprintf() returned value
https://notcve.org/view.php?id=CVE-2024-58051
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipmi: ipmb: Agregar verificación del valor devuelto por devm_kasprintf() devm_kasprintf() puede devolver un puntero NULL en caso de error, pero este valor devuelto no se verifica. In the Linux kernel, the following vulnerability ... • https://git.kernel.org/stable/c/51bd6f291583684f495ea498984dfc22049d7fd2 •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49733 – ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
https://notcve.org/view.php?id=CVE-2022-49733
02 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls snd_pcm_oss_make_ready() at first, then takes the params_lock mutex for the rest. When the stream is set up again by another thread between them, it leads to inconsistency, and may result in unexpected results such as NULL dereference of OSS buffer as a fuzzer spotted rec... • https://git.kernel.org/stable/c/4051324a6dafd7053c74c475e80b3ba10ae672b0 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21824 – gpu: host1x: Fix a use of uninitialized mutex
https://notcve.org/view.php?id=CVE-2025-21824
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 ("gpu: host1x: Fix boot regression for Tegra") caused a use of uninitialized mutex leading to below warning when CONFIG_DEBUG_MUTEXES and CONFIG_DEBUG_LOCK_ALLOC are enabled. [ 41.662843] ------------[ cut here ]------------ [ 41.663012] DEBUG_LOCKS_WARN_ON(lock->magic != lock) [ 41.663035] WARNING: CPU: 4 PID: 794 at kernel/locking/mutex.c:587 __mutex_lock+0x670/0x878 [ 41.6... • https://git.kernel.org/stable/c/c8347f915e6779f6c861e7a041adf3559d51b363 •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21823 – batman-adv: Drop unmanaged ELP metric worker
https://notcve.org/view.php?id=CVE-2025-21823
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need to sleep. This sleep is incompatible with the RCU list iterator used for the recorded neighbors. The initial approach to work around of this problem was to queue another work item per neighbor and then run this in a new context. Even w... • https://git.kernel.org/stable/c/c833484e5f3872a38fe232c663586069d5ad9645 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21822 – ptp: vmclock: Set driver data before its usage
https://notcve.org/view.php?id=CVE-2025-21822
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Set driver data before its usage If vmclock_ptp_register() fails during probing, vmclock_remove() is called to clean up the ptp clock and misc device. It uses dev_get_drvdata() to access the vmclock state. However the driver data is not yet set at this point. Assign the driver data earlier. In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Set driver data before its usage If vmclock_ptp_register... • https://git.kernel.org/stable/c/20503272422693d793b84f88bf23fe4e955d3a33 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21821 – fbdev: omap: use threaded IRQ for LCD DMA
https://notcve.org/view.php?id=CVE-2025-21821
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2 Hardware name: Nokia 770 Call trace: unwind_backtrace from show_stack+0x10/0x14 show_stack fro... • https://git.kernel.org/stable/c/7bbbd311dd503653a2cc86d9226740883051dc92 •