CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21912 – gpio: rcar: Use raw_spinlock to protect register access
https://notcve.org/view.php?id=CVE-2025-21912
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use raw_spinlock to protect register access Use raw_spinlock in order to fix spurious messages about invalid context when spinlock debugging is enabled. The lock is only used to serialize register access. [ 4.239592] ============================= [ 4.239595] [ BUG: Invalid wait context ] [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted [ 4.239603] ----------------------------- [ 4.239606] kworker/u8:5/76 ... • https://git.kernel.org/stable/c/7c1f36f9c9aca507d317479a3d3388150ae40a87 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21910 – wifi: cfg80211: regulatory: improve invalid hints checking
https://notcve.org/view.php?id=CVE-2025-21910
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot keeps reporting an issue [1] that occurs when erroneous symbols sent from userspace get through into user_alpha2[] via regulatory_hint_user() call. Such invalid regulatory hints should be rejected. While a sanity check from commit 47caf685a685 ("cfg80211: regulatory: reject invalid hints") looks to be enough to deter these very cases, there is a way to get around it due to 2 ... • https://git.kernel.org/stable/c/09d989d179d0c679043556dda77c51b41a2dae7e •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21909 – wifi: nl80211: reject cooked mode if it is set along with other flags
https://notcve.org/view.php?id=CVE-2025-21909
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject cooked mode if it is set along with other flags It is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE flags simultaneously on the same monitor interface from the userspace. This causes a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit set because the monitor interface is in the cooked state and it takes precedence over all other states. When the interface is then being deleted th... • https://git.kernel.org/stable/c/66f7ac50ed7cc5c19a62bc97e8f6e7891004a03a •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21908 – NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback
https://notcve.org/view.php?id=CVE-2025-21908
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback Add PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so nfs_release_folio() can skip calling nfs_wb_folio() from kcompactd. Otherwise NFS can deadlock waiting for kcompactd enduced writeback which recurses back to NFS (which triggers writeback to NFSD via NFS loopback mount on the same host, NFSD blocks waiting for XFS's call to __filemap_get_folio): 607... • https://git.kernel.org/stable/c/96780ca55e3cbf4f150fd5a833a61492c9947b5b •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21907 – mm: memory-failure: update ttu flag inside unmap_poisoned_folio
https://notcve.org/view.php?id=CVE-2025-21907
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: memory-failure: update ttu flag inside unmap_poisoned_folio Patch series "mm: memory_failure: unmap poisoned folio during migrate properly", v3. Fix two bugs during folio migration if the folio is poisoned. This patch (of 3): Commit 6da6b1d4a7df ("mm/hwpoison: convert TTU_IGNORE_HWPOISON to TTU_HWPOISON") introduce TTU_HWPOISON to replace TTU_IGNORE_HWPOISON in order to stop send SIGBUS signal when accessing an error page after a memory... • https://git.kernel.org/stable/c/6da6b1d4a7df8c35770186b53ef65d388398e139 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21905 – wifi: iwlwifi: limit printed string from FW file
https://notcve.org/view.php?id=CVE-2025-21905
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perhaps even read beyond the end of the file buffer. Fix that by limiting the print format to the size of the buffer we have. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit print... • https://git.kernel.org/stable/c/aee1b6385e29e472ae5592b9652b750a29bf702e •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21904 – caif_virtio: fix wrong pointer check in cfv_probe()
https://notcve.org/view.php?id=CVE-2025-21904
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: caif_virtio: fix wrong pointer check in cfv_probe() del_vqs() frees virtqueues, therefore cfv->vq_tx pointer should be checked for NULL before calling it, not cfv->vdev. Also the current implementation is redundant because the pointer cfv->vdev is dereferenced before it is checked for NULL. Fix this by checking cfv->vq_tx for NULL instead of cfv->vdev before calling del_vqs(). In the Linux kernel, the following vulnerability has been resolv... • https://git.kernel.org/stable/c/0d2e1a2926b1839a4b74519e660739b2566c9386 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21903 – mctp i3c: handle NULL header address
https://notcve.org/view.php?id=CVE-2025-21903
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: mctp i3c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is transmitted by a different protocol. In the Linux kernel, the following vulnerability has been resolved: mctp i3c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case... • https://git.kernel.org/stable/c/c8755b29b58ec65be17bcb8c40763d2dcb1f1db5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21899 – tracing: Fix bad hist from corrupting named_triggers list
https://notcve.org/view.php?id=CVE-2025-21899
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix bad hist from corrupting named_triggers list The following commands causes a crash: ~# cd /sys/kernel/tracing/events/rcu/rcu_callback ~# echo 'hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)' > trigger bash: echo: write error: Invalid argument ~# echo 'hist:name=bad:keys=common_pid' > trigger Because the following occurs: event_trigger_write() { trigger_process_regex() { event_hist_trigger_parse() { data = event_tri... • https://git.kernel.org/stable/c/067fe038e70f6e64960d26a79c4df5f1413d0f13 •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2025-21898 – ftrace: Avoid potential division by zero in function_stat_show()
https://notcve.org/view.php?id=CVE-2025-21898
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show() Check whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64} produce zero and skip stddev computation in that case. For now don't care about rec->counter * rec->counter overflow because rec->time * rec->time overflow will likely happen earlier. In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_s... • https://git.kernel.org/stable/c/f0629ee3922f10112584b1898491fecc74d98b3b •