CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37858 – fs/jfs: Prevent integer overflow in AG size calculation
https://notcve.org/view.php?id=CVE-2025-37858
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group (AG) size using 1 << l2agsize in dbExtendFS(). ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification Center (linuxtesting.org) with SVACE. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Michael Randrianantenaina discovered that the Bluetooth driv... • https://git.kernel.org/stable/c/dd07a985e2ded47b6c7d69fc93c1fe02977c8454 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37857 – scsi: st: Fix array overflow in st_setup()
https://notcve.org/view.php?id=CVE-2025-37857
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parms size instead of a fixed value. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. ... It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. • https://git.kernel.org/stable/c/736ae988bfb5932c05625baff70fba224d547c08 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37856 – btrfs: harden block_group::bg_list against list_del() races
https://notcve.org/view.php?id=CVE-2025-37856
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: harden block_group::bg_list against list_del() races As far as I can tell, these calls of list_del_init() on bg_list cannot run concurrently with btrfs_mark_bg_unused() or btrfs_mark_bg_to_reclaim(), as they are in transaction error paths and situations where the block group is readonly. In the Linux kernel, the following vulnerability has been resolved: btrfs: harden block_group::bg_list against list_del() races As far... • https://git.kernel.org/stable/c/bf089c4d1141b27332c092b1dcca5022c415a3b6 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-37855 – drm/amd/display: Guard Possible Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2025-37855
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Guard Possible Null Pointer Dereference [WHY] In some situations, dc->res_pool may be null. ... In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Guard Possible Null Pointer Dereference [WHY] In some situations, dc->res_pool may be null. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/59fb2d0697de0fa9e48b98414420f5a59ca5583c •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37854 – drm/amdkfd: Fix mode1 reset crash issue
https://notcve.org/view.php?id=CVE-2025-37854
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue If HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal user space to abort the processes. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue If HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal user space to abort the processes. ... • https://git.kernel.org/stable/c/57c9dabda80ac167de8cd71231baae37cc2f442d •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37853 – drm/amdkfd: debugfs hang_hws skip GPU with MES
https://notcve.org/view.php?id=CVE-2025-37853
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hang_hws skip GPU with MES debugfs hang_hws is used by GPU reset test with HWS, for MES this crash the kernel with NULL pointer access because dqm->packet_mgr is not setup for MES path. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hang_hws skip GPU with MES debugfs hang_hws is used by GPU reset test with HWS, for MES this crash the kernel with NULL pointer access b... • https://git.kernel.org/stable/c/a36f8d544522a19ef06ed9e84667d154dcb6be52 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37852 – drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()
https://notcve.org/view.php?id=CVE-2025-37852
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() Add error handling to propagate amdgpu_cgs_create_device() failures to the caller. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() Add error handling to propagate amdgpu_cgs_create_device() failures to the caller. ... • https://git.kernel.org/stable/c/55ef52c30c3e747f145a64de96192e37a8fed670 •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37851 – fbdev: omapfb: Add 'plane' value check
https://notcve.org/view.php?id=CVE-2025-37851
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum parameter plane. In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum parameter plane. ... Found by Linux Verification Center (linuxtesting.org) with SVAC... • https://git.kernel.org/stable/c/559d67018950ced65c73358cd69c4bdd2b0c5dd6 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-37850 – pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
https://notcve.org/view.php?id=CVE-2025-37850
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMPILE_TEST && !... Fixes the following warning: drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section [ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/] In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMPILE_TEST && !... Fixes the following ... • https://git.kernel.org/stable/c/caf065f8fd583b43a3f95d84c8a0a0d07597963b •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37849 – KVM: arm64: Tear down vGIC on failed vCPU creation
https://notcve.org/view.php?id=CVE-2025-37849
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error ba... • https://git.kernel.org/stable/c/07476e0d932afc53c05468076393ac35d0b4999e •