CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2025-38410 – drm/msm: Fix a fence leak in submit error path
https://notcve.org/view.php?id=CVE-2025-38410
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drm_sched_entity_push_job(), so msm_job_free() will never get called. Since drm_sched_job_cleanup() will NULL out the s_fence, we can use that to detect this case. Patchwork: https://patchwork.freedesktop.org/patch/653584/ En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm: Se corrige una fuga de la valla en la ru... • https://git.kernel.org/stable/c/0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38409 – drm/msm: Fix another leak in the submit error path
https://notcve.org/view.php?id=CVE-2025-38409
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path put_unused_fd() doesn't free the installed file, if we've already done fd_install(). So we need to also free the sync_file. Patchwork: https://patchwork.freedesktop.org/patch/653583/ En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm: Se corrige otra fuga en la ruta de error de envío. Put_unused_fd() no libera el archivo instalado si ya se ha ejecutado fd_install(). ... • https://git.kernel.org/stable/c/0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38408 – genirq/irq_sim: Initialize work context pointers properly
https://notcve.org/view.php?id=CVE-2025-38408
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize `ops` member's pointers properly by using kzalloc() instead of kmalloc() when allocating the simulation work context. Otherwise the pointers contain random content leading to invalid dereferencing. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: genirq/irq_sim: Inicializar correctamente los punteros del contexto de trabajo. Inicializar correctamente los ... • https://git.kernel.org/stable/c/337cbeb2c13eb4cab84f576fd402d7ae4ed31ae1 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38406 – wifi: ath6kl: remove WARN on bad firmware input
https://notcve.org/view.php?id=CVE-2025-38406
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do with the driver's stack at this point etc., so the WARN_ON() doesn't add any value. Additionally, this is one of the top syzbot reports now. Just print a message, and as an added bonus, print the sizes too. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath6kl: eliminar WARN sobre entrada de firmware incorrecta. Si... • https://git.kernel.org/stable/c/7a2afdc5af3b82b601f6a2f0d1c90d5f0bc27aeb •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38403 – vsock/vmci: Clear the vmci transport packet properly when initializing it
https://notcve.org/view.php?id=CVE-2025-38403
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left in the structure. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vsock/vmci: borre el paquete de transporte vmci correctamente al inicializarlo. En vmci_transport_packet_init, configure el vmci_transport_packet ante... • https://git.kernel.org/stable/c/d021c344051af91f42c5ba9fdedc176740cbd238 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38401 – mtk-sd: Prevent memory corruption from DMA map failure
https://notcve.org/view.php?id=CVE-2025-38401
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Prevent memory corruption from DMA map failure If msdc_prepare_data() fails to map the DMA region, the request is not prepared for data receiving, but msdc_start_data() proceeds the DMA with previous setting. Since this will lead a memory corruption, we have to stop the request operation soon after the msdc_prepare_data() fails to prepare it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtk-sd: Prevenir la corr... • https://git.kernel.org/stable/c/208489032bdd8d4a7de50f3057c175058f271956 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2025-38400 – nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.
https://notcve.org/view.php?id=CVE-2025-38400
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. syzbot reported a warning below [1] following a fault injection in nfs_fs_proc_net_init(). [0] When nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed. Later, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning is logged as the directory is not empty. Let's handle the error of nfs_fs_proc_net_init() properly. [0]: FAULT_INJECTION: forcing a failure. na... • https://git.kernel.org/stable/c/31dd0cda5aa0547de447aaf184812f85ccc34044 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2025-38399 – scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
https://notcve.org/view.php?id=CVE-2025-38399
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() The function core_scsi3_decode_spec_i_port(), in its error code path, unconditionally calls core_scsi3_lunacl_undepend_item() passing the dest_se_deve pointer, which may be NULL. This can lead to a NULL pointer dereference if dest_se_deve remains unset. SPC-3 PR SPEC_I_PT: Unable to locate dest_tpg Unable to handle kernel paging request at virtual address dfff8000... • https://git.kernel.org/stable/c/70ddb8133fdb512d4b1f2b4fd1c9e518514f182c •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38396 – fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
https://notcve.org/view.php?id=CVE-2025-38396
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create anonymous inodes with proper security context. This replaces the current pattern of calling alloc_anon_inode() followed by inode_init_security_anon() for creating security context manually. This change also fixes a security regression in secretmem where the S_PRIVATE flag was not cleared after alloc... • https://git.kernel.org/stable/c/2bfe15c5261212130f1a71f32a300bcf426443d4 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-38395 – regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods
https://notcve.org/view.php?id=CVE-2025-38395
25 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpio_desc' pointers. But the memory is allocated for only one pointer. This will lead to out-of-bounds access later in the code if 'config::ngpios' is > 1. So fix the code to allocate enough memory to hold 'config::ngpios' of GPIO descriptors. While at it, also move the check for memory allocation failure to be below the allocat... • https://git.kernel.org/stable/c/d6cd33ad71029a3f77ba1686caf55d4dea58d916 •