CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21696 – mm: clear uffd-wp PTE/PMD state on mremap()
https://notcve.org/view.php?id=CVE-2025-21696
12 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: clear uffd-wp PTE/PMD state on mremap() When mremap()ing a memory region previously registered with userfaultfd as write-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in flag clearing leads to a mismatch between the vma flags (which have uffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp cleared). This mismatch causes a subsequent mprotect(PROT_WRITE) to trigger a warning in page_table_check_pte_flags()... • https://git.kernel.org/stable/c/63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-21694 – fs/proc: fix softlockup in __read_vmcore (part 2)
https://notcve.org/view.php?id=CVE-2025-21694
12 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the number of softlockups in __read_vmcore at kdump time have gone down, but they still happen sometimes. In a memory constrained environment like the kdump image, a softlockup is not just a harmless message, but it can interfere with things like RCU freeing memory, causing the crashdump to get stuck. The second loop in _... • https://git.kernel.org/stable/c/803d5a33d5ffdc2d86dcc0cfa01655a330612cdb •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-57951 – hrtimers: Handle CPU state correctly on hotplug
https://notcve.org/view.php?id=CVE-2024-57951
12 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on hotplug Consider a scenario where a CPU transitions from CPUHP_ONLINE to halfway through a CPU hotunplug down to CPUHP_HRTIMERS_PREPARE, and then back to CPUHP_ONLINE: Since hrtimers_prepare_cpu() does not run, cpu_base.hres_active remains set to 1 throughout. However, during a CPU unplug operation, the tick and the clockevents are shut down at CPUHP_AP_TICK_DYING. On return to the online state, for i... • https://git.kernel.org/stable/c/54d0d83a53508d687fd4a225f8aa1f18559562d0 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21692 – net: sched: fix ets qdisc OOB Indexing
https://notcve.org/view.php?id=CVE-2025-21692
10 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21690 – scsi: storvsc: Ratelimit warning logs to prevent VM denial of service
https://notcve.org/view.php?id=CVE-2025-21690
10 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preventing troubleshooting from the VM side. Ratelimit the warning so it doesn't DoS the VM. In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there... • https://git.kernel.org/stable/c/81d4dd05c412ba04f9f6b85b718e6da833be290c •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21689 – USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
https://notcve.org/view.php?id=CVE-2025-21689
10 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-ptr-deref in qt2_process_read_urb() due to an incorrect bounds check in the following: if (newport > serial->num_ports) { dev_err(&port->dev, "%s - port change to invalid port: %i\n", __func__, newport); break; } The condition doesn't account for the valid range of the serial->port buffer, which is from 0 to serial->num_ports - 1. When newport is... • https://git.kernel.org/stable/c/f7a33e608d9ae022b7f49307921627e34e9484ed •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-21687 – vfio/platform: check the bounds of read/write syscalls
https://notcve.org/view.php?id=CVE-2025-21687
10 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device. In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be us... • https://git.kernel.org/stable/c/6e3f264560099869f68830cb14b3b3e71e5ac76a •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-57950 – drm/amd/display: Initialize denominator defaults to 1
https://notcve.org/view.php?id=CVE-2024-57950
10 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominator defaults to 1 [WHAT & HOW] Variables, used as denominators and maybe not assigned to other values, should be initialized to non-zero to avoid DIVIDE_BY_ZERO, as reported by Coverity. (cherry picked from commit e2c4c6c10542ccfe4a0830bb6c9fd5b177b7bbb7) In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominator defaults to 1 [WHAT & HOW] Variables, used a... • https://git.kernel.org/stable/c/c9d6afb4f9c338049662d27d169fba7dd60e337d •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52925 – netfilter: nf_tables: don't fail inserts if duplicate has expired
https://notcve.org/view.php?id=CVE-2023-52925
05 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't fail inserts if duplicate has expired nftables selftests fail: run-tests.sh testcases/sets/0044interval_overlap_0 Expected: 0-2 . 0-3, got: W: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1 Insertion must ignore duplicate but expired entries. Moreover, there is a strange asymmetry in nft_pipapo_activate: It refetches the current element, whereas the other ->activate callbacks (bitmap, hash, rhash, rbtree... • https://git.kernel.org/stable/c/bd156ce9553dcaf2d6ee2c825d1a5a1718e86524 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52924 – netfilter: nf_tables: don't skip expired elements during walk
https://notcve.org/view.php?id=CVE-2023-52924
05 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't skip expired elements during walk There is an asymmetry between commit/abort and preparation phase if the following conditions are met: 1. set is a verdict map ("1.2.3.4 : jump foo") 2. timeouts are enabled In this case, following sequence is problematic: 1. element E in set S refers to chain C 2. userspace requests removal of set S 3. kernel does a set walk to decrement chain->use count for all elements from pre... • https://git.kernel.org/stable/c/9d0982927e79049675cb6c6c04a0ebb3dad5a434 •