CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37879 – 9p/net: fix improper handling of bogus negative read/write replies
https://notcve.org/view.php?id=CVE-2025-37879
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write() and p9_client_read_once(), if the server incorrectly replies with success but a negative write/read count then we would consider written (negative) <= rsize (positive) because both variables were signed. ... The reproducer linked below now fails with the following error instead of a null pointer deref: 9pnet: bogus RWRITE count (4294967295 > 3) In... • https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37878 – perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init
https://notcve.org/view.php?id=CVE-2025-37878
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARN_ON(!... This also maintains the author's original intent of passing in child_ctx to find_get_pmu_context before its refcount/assignment. [ mingo: Expanded the changelog from another email by Gabriel Shahrouzi. ] In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARN_ON(! • https://git.kernel.org/stable/c/1fe9b92eede32574dbe05b5bdb6ad666b350bed0 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37877 – iommu: Clear iommu-dma ops on cleanup
https://notcve.org/view.php?id=CVE-2025-37877
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains, however this currently still leaves devices hooked up to iommu-dma (and even historically the behaviour in this area was at best inconsistent across architectures/drivers...) ... In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ... • https://git.kernel.org/stable/c/b14d98641312d972bb3f38e82eddf92898522389 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37876 – netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS
https://notcve.org/view.php?id=CVE-2025-37876
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS When testing a special config: CONFIG_NETFS_SUPPORTS=y CONFIG_PROC_FS=n The system crashes with something like: [ 3.766197] ------------[ cut here ]------------ [ 3.766484] kernel BUG at mm/mempool.c:560!... In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS When testing a special config: CONFIG_NETFS_SU... • https://git.kernel.org/stable/c/7eb5b3e3a0a55f2d166ca949ef47ca6e0c704aab •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37875 – igc: fix PTM cycle trigger logic
https://notcve.org/view.php?id=CVE-2025-37875
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. ... • https://git.kernel.org/stable/c/a90ec84837325df4b9a6798c2cc0df202b5680bd •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37874 – net: ngbe: fix memory leak in ngbe_probe() error path
https://notcve.org/view.php?id=CVE-2025-37874
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). ... • https://git.kernel.org/stable/c/02338c484ab6250b81f0266ffb40d53c3efe0f47 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37873 – eth: bnxt: fix missing ring index trim on error path
https://notcve.org/view.php?id=CVE-2025-37873
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix missing ring index trim on error path Commit under Fixes converted tx_prod to be free running but missed masking it on the Tx error path. In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix missing ring index trim on error path Commit under Fixes converted tx_prod to be free running but missed masking it on the Tx error path. ... • https://git.kernel.org/stable/c/6d1add95536bafe585c500ad8114af7ed4225a0f •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37872 – net: txgbe: fix memory leak in txgbe_probe() error path
https://notcve.org/view.php?id=CVE-2025-37872
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbe_probe() error path When txgbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). ... In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbe_probe() error path When txgbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). • https://git.kernel.org/stable/c/937d46ecc5f941b26270bdf7ce37495f12b25955 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-37871 – nfsd: decrease sc_count directly if fail to queue dl_recall
https://notcve.org/view.php?id=CVE-2025-37871
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sc_count directly if fail to queue dl_recall A deadlock warning occurred when invoking nfs4_put_stid following a failed dl_recall queue operation: T1 T2 nfs4_laundromat nfs4_get_client_reaplist nfs4_anylock_blockers __break_lease spin_lock // ctx->flc_lock spin_lock // clp->cl_lock nfs4_lockowner_has_blockers locks_owner_has_blockers spin_lock // flctx->flc_lock nfsd_break_deleg_cb nfsd_break_one_deleg nfs4_put_stid re... • https://git.kernel.org/stable/c/b874cdef4e67e5150e07eff0eae1cbb21fb92da1 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37870 – drm/amd/display: prevent hang on link training fail
https://notcve.org/view.php?id=CVE-2025-37870
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: prevent hang on link training fail [Why] When link training fails, the phy clock will be disabled. ... In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: prevent hang on link training fail [Why] When link training fails, the phy clock will be disabled. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •