
CVE-2025-37951 – drm/v3d: Add job to pending list if the reset was skipped
https://notcve.org/view.php?id=CVE-2025-37951
20 May 2025 — If so, instead of resetting the hardware, we skip the reset and let the timer get rearmed. ... If so, instead of resetting the hardware, we skip the reset and let the timer get rearmed. ... Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/5235b56b7e5449d990d21d78723b1a5e7bb5738e •

CVE-2025-37949 – xenbus: Use kref to track req lifetime
https://notcve.org/view.php?id=CVE-2025-37949
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:__wake_up_common+0x4c/0x180 Call Trace:

CVE-2025-37948 – arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
https://notcve.org/view.php?id=CVE-2025-37948
20 May 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/8fe5c37b0e08a97cf0210bb75970e945aaaeebab •

CVE-2025-37947 – ksmbd: prevent out-of-bounds stream writes by validating *pos
https://notcve.org/view.php?id=CVE-2025-37947
20 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating *pos ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream data length (v_len). In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating *pos ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bo... • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •

CVE-2025-37936 – perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value.
https://notcve.org/view.php?id=CVE-2025-37936
20 May 2025 — Because KVM uses perf events to proxy the guest virtual PMU, simply looking at exclude_host can't differentiate between events created by host userspace, and events created by KVM on behalf of the guest. Running the guest with PEBS unexpectedly enabled typically manifests as crashes due to a near-infinite stream of #PFs. Running the guest with PEBS unexpectedly enabled typically manifests as crashes due to a near-infinite stream of #PFs. ... • https://git.kernel.org/stable/c/c59a1f106f5cd4843c097069ff1bb2ad72103a67 •

CVE-2025-37932 – sch_htb: make htb_qlen_notify() idempotent
https://notcve.org/view.php?id=CVE-2025-37932
20 May 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/73cf6af13153d62f9b76eff422eea79dbc70f15e •

CVE-2025-37930 – drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()
https://notcve.org/view.php?id=CVE-2025-37930
20 May 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/ea13e5abf807ea912ce84eef6a1946b9a38c6508 •

CVE-2025-37929 – arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays
https://notcve.org/view.php?id=CVE-2025-37929
20 May 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/46e22de65eb45a67a68ddfe9301f79b0c3821ca8 •

CVE-2025-37928 – dm-bufio: don't schedule in atomic context
https://notcve.org/view.php?id=CVE-2025-37928
20 May 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/7cd326747f46ffe1c7bff5682e97dfbcb98990ec •

CVE-2025-37927 – iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid
https://notcve.org/view.php?id=CVE-2025-37927
20 May 2025 — For example if the length of hid string is 4 and the length of the uid string is 260, the length of str will be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer which size is 256. For example if the length of hid string is 4 and the length of the uid string is 260, the length of str will be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer which size is 256. ... Check the length of hid and uid strings separately to prevent buffer ... • https://git.kernel.org/stable/c/ca3bf5d47cec8b7614bcb2e9132c40081d6d81db •