CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21820 – tty: xilinx_uartps: split sysrq handling
https://notcve.org/view.php?id=CVE-2025-21820
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr() printk() uart_port_lock(port) console_lock() cdns_uart_console_write() if (!port->sysrq) uart_port_lock(port) uart_handle_break() port->sysrq = ... uart_handle_sysrq_char() printk() console_lock() The fixed commit attempts to avoid this situation by only takin... • https://git.kernel.org/stable/c/74ea66d4ca061a3cd4c0e924e51b60e924644852 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21819 – Revert "drm/amd/display: Use HW lock mgr for PSR1"
https://notcve.org/view.php?id=CVE-2025-21819
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with two edp panel. In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect wi... • https://git.kernel.org/stable/c/b7d2461858ac75c9d6bc4ab8af1a738d0814b716 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21817 – block: mark GFP_NOIO around sysfs ->store()
https://notcve.org/view.php?id=CVE-2025-21817
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs ->store() sysfs ->store is called with queue freezed, meantime we have several ->store() callbacks(update_nr_requests, wbt, scheduler) to allocate memory with GFP_KERNEL which may run into direct reclaim code path, then potential deadlock can be caused. Fix the issue by marking NOIO around sysfs ->store() In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs -... • https://git.kernel.org/stable/c/2566ce907e5d5db8a039647208e029ce559baa31 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-21816 – hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING
https://notcve.org/view.php?id=CVE-2025-21816
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING hrtimers are migrated away from the dying CPU to any online target at the CPUHP_AP_HRTIMERS_DYING stage in order not to delay bandwidth timers handling tasks involved in the CPU hotplug forward progress. However wakeups can still be performed by the outgoing CPU after CPUHP_AP_HRTIMERS_DYING. Those can result again in bandwidth timers being armed. Depending on severa... • https://git.kernel.org/stable/c/5c0930ccaad5a74d74e8b18b648c5eb21ed2fe94 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21815 – mm/compaction: fix UBSAN shift-out-of-bounds warning
https://notcve.org/view.php?id=CVE-2025-21815
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of-bounds warning of (1UL << order) in isolate_freepages_block(). The bogus compound_order can be any value because it is union with flags. Add back the MAX_PAGE_ORDER check to fix the warning. In the Linux kernel, the following vulnerability has been resolved: mm/compaction: fix UBSAN shift-out-of-bounds warning syzkaller reported a UBSAN shift-out-of... • https://git.kernel.org/stable/c/3da0272a4c7d0d37b47b28e87014f421296fc2be •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21814 – ptp: Ensure info->enable callback is always set
https://notcve.org/view.php?id=CVE-2025-21814
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c. Instead use a dummy callback if no better was specified by the driver. In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always... • https://git.kernel.org/stable/c/d94ba80ebbea17f036cecb104398fbcd788aa742 •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21813 – timers/migration: Fix off-by-one root mis-connection
https://notcve.org/view.php?id=CVE-2025-21813
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: timers/migration: Fix off-by-one root mis-connection Before attaching a new root to the old root, the children counter of the new root is checked to verify that only the upcoming CPU's top group have been connected to it. However since the recently added commit b729cc1ec21a ("timers/migration: Fix another race between hotplug and idle entry/exit") this check is not valid anymore because the old root is pre-accounted as a child to the new ro... • https://git.kernel.org/stable/c/12ead225b7996252a8bc1a49b03aad57c0794880 •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2025-21812 – ax25: rcu protect dev->ax25_ptr
https://notcve.org/view.php?id=CVE-2025-21812
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible circular locking dependency detected 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Not tainted ------------------------------------------------------ syz.5.1818/12806 is trying to acquire lock: ffffffff8fcb3988 (rtnl_mutex){+.+.}-{4:4}, at: ax... • https://git.kernel.org/stable/c/c433570458e49bccea5c551df628d058b3526289 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21811 – nilfs2: protect access to buffers with no active references
https://notcve.org/view.php?id=CVE-2025-21811
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For data cache, nilfs_clear_folio_dirty() may be called asynchronously when the file system degenerates to read only, so nilfs_lookup_dirty_data_buffers() still has the potential to cause use after free issues whe... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21810 – driver core: class: Fix wild pointer dereferences in API class_dev_iter_next()
https://notcve.org/view.php?id=CVE-2025-21810
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() There are a potential wild pointer dereferences issue regarding APIs class_dev_iter_(init|next|exit)(), as explained by below typical usage: // All members of @iter are wild pointers. struct class_dev_iter iter; // class_dev_iter_init(@iter, @class, ...) checks parameter @class for // potential class_to_subsys() error, and it returns void type and does // not ini... • https://git.kernel.org/stable/c/7b884b7f24b42fa25e92ed724ad82f137610afaf •