CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37940 – ftrace: Add cond_resched() to ftrace_graph_set_hash()
https://notcve.org/view.php?id=CVE-2025-37940
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched() to ftrace_graph_set_hash() When the kernel contains a large number of functions that can be traced, the loop in ftrace_graph_set_hash() may take a lot of time to execute. This may trigger the softlockup watchdog. Add cond_resched() within the loop to allow the kernel to remain responsive even when processing a large number of functions. This matches the cond_resched() that is used in other locations of the code th... • https://git.kernel.org/stable/c/b9b0c831bed2682c2e3e9f5420fb6985549ef020 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37939 – libbpf: Fix accessing BTF.ext core_relo header
https://notcve.org/view.php?id=CVE-2025-37939
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext core_relo header Update btf_ext_parse_info() to ensure the core_relo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project. In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext core_relo header Update btf_ext_parse_info() to ensure the core_relo header is present before reading its fields. This avoi... • https://git.kernel.org/stable/c/cf579164e9ea9cd41c7c1da931683a319d224890 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37938 – tracing: Verify event formats that have "%*p.."
https://notcve.org/view.php?id=CVE-2025-37938
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. If an event references data that was allocated when the event triggered and that same data is freed before the event is read, then the kernel can crash by reading freed memory. The verifier runs at boot up (or modul... • https://git.kernel.org/stable/c/5013f454a352cce8e62162976026a9c472595e42 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37937 – objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()
https://notcve.org/view.php?id=CVE-2025-37937
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result is a divide-by-zero. Prevent that from happening. Fixes the following warning with an UBSAN kernel: drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx() In the Linux kernel, the following vulnerability has been resolved: objtool, m... • https://git.kernel.org/stable/c/173a64cb3fcff1993b2aa8113e53fd379f6a968f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37936 – perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value.
https://notcve.org/view.php?id=CVE-2025-37936
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. When generating the MSR_IA32_PEBS_ENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBS_ENABLE value. Consulting only the host kernel's host vs. guest masks results in running the guest with PEBS enabled even when the guest doesn't want to use PEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply l... • https://git.kernel.org/stable/c/c59a1f106f5cd4843c097069ff1bb2ad72103a67 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37935 – net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM
https://notcve.org/view.php?id=CVE-2025-37935
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM If the mtk_poll_rx() function detects the MTK_RESETTING flag, it will jump to release_desc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtk_rx_clean will process an incorrect SDP, leading to a panic. Add patch from MediaTek's SDK to resolve this. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ ... • https://git.kernel.org/stable/c/2d75891ebc09ba9cf30697dfd54497ef0220308f •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37934 – ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction
https://notcve.org/view.php?id=CVE-2025-37934
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction Actually check if the passed pointers are valid, before writing to them. This also fixes a USBAN warning: UBSAN: invalid-load in ../sound/soc/fsl/imx-card.c:687:25 load of value 255 is not a valid value for type '_Bool' This is because playback_only is uninitialized and is not written to, as the playback-only property is absent. In the Linux kernel, the following ... • https://git.kernel.org/stable/c/844de7eebe97a1c277f8a408457712086c957195 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37933 – octeon_ep: Fix host hang issue during device reboot
https://notcve.org/view.php?id=CVE-2025-37933
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix host hang issue during device reboot When the host loses heartbeat messages from the device, the driver calls the device-specific ndo_stop function, which frees the resources. If the driver is unloaded in this scenario, it calls ndo_stop again, attempting to free resources that have already been freed, leading to a host hang issue. To resolve this, dev_close should be called instead of the device-specific stop function.dev_cl... • https://git.kernel.org/stable/c/5cb96c29aa0ea359e4f5d30585538dc6a847d69d •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37932 – sch_htb: make htb_qlen_notify() idempotent
https://notcve.org/view.php?id=CVE-2025-37932
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qlen_notify() always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life. In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify() idempotent htb_qle... • https://git.kernel.org/stable/c/73cf6af13153d62f9b76eff422eea79dbc70f15e •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37931 – btrfs: adjust subpage bit start based on sectorsize
https://notcve.org/view.php?id=CVE-2025-37931
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in production. This turned out to be because we were not writing out dirty blocks sometimes, so this in fact affects all metadata writes. When writing out a subpage EB we scan the subpage bitmap for a dirty range. If the range isn't dirty we do bit_start++; to move onto the next bit. The probl... • https://git.kernel.org/stable/c/c4aec299fa8f73f0fd10bc556f936f0da50e3e83 •