CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-22096 – drm/msm/gem: Fix error code msm_parse_deps()
https://notcve.org/view.php?id=CVE-2025-22096
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msm_parse_deps() The SUBMIT_ERROR() macro turns the error code negative. ... Patchwork: https://patchwork.freedesktop.org/patch/637625/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msm_parse_deps() The SUBMIT_ERROR() macro turns the error code negative. • https://git.kernel.org/stable/c/866e43b945bf98f8e807dfa45eca92f931f3a032 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-22095 – PCI: brcmstb: Fix error path after a call to regulator_bulk_get()
https://notcve.org/view.php?id=CVE-2025-22095
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. ... [kwilczynski: commit log, use comma in the message to match style with other similar messages] In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_b... • https://git.kernel.org/stable/c/9e6be018b26347c26a93e63fb50a37ee2c9311de •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22094 – powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
https://notcve.org/view.php?id=CVE-2025-22094
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpa counters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 provided L1<->L2 context switch latency counters to L1 user-space via perf-events. In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add p... • https://git.kernel.org/stable/c/176cda0619b6c17a553625f6e2fcbc3981ad667d •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-22093 – drm/amd/display: avoid NPD when ASIC does not support DMUB
https://notcve.org/view.php?id=CVE-2025-22093
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. ... srso_return_thunk+0x5/0 ---truncated--- In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid NPD when ASIC does not support DMUB ctx->dmub_srv will de NULL if the ASIC does not support DMUB, which is tested in dm_dmub_sw_init. • https://git.kernel.org/stable/c/b7d2461858ac75c9d6bc4ab8af1a738d0814b716 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22092 – PCI: Fix NULL dereference in SR-IOV VF creation error path
https://notcve.org/view.php?id=CVE-2025-22092
16 Apr 2025 — BUG: kernel NULL pointer dereference, address: 00000000000000d0 RIP: 0010:device_del+0x3d/0x3d0 Call Trace: pci_remove_bus_device+0x7c/0x100 pci_iov_add_virtfn+0xfa/0x200 sriov_enable+0x208/0x420 mlx5_core_sriov_configure+0x6a/0x160 [mlx5_core] sriov_numvfs_store+0xae/0x1a0 [bhelgaas: commit log, return ERR_PTR(-ENOMEM) directly] In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NU... • https://git.kernel.org/stable/c/e3f30d563a388220a7c4e3b9a7b52ac0b0324b26 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22091 – RDMA/mlx5: Fix page_size variable overflow
https://notcve.org/view.php?id=CVE-2025-22091
16 Apr 2025 — __pte_offset_map_lock+0x80/0x100 ib_uverbs_ioctl+0xac/0x110 [ib_uverbs] __x64_sys_ioctl+0x94/0xb0 do_syscall_64+0x50/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fb7ecf0737b Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 7d 2a 0f 00 f7 d8 64 89 01 48 RSP: 002b:00007ffdbe03ecc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffdbe03edb8 RCX: 000... • https://git.kernel.org/stable/c/cef7dde8836ab09a3bfe96ada4f18ef2496eacc9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-22090 – x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()
https://notcve.org/view.php?id=CVE-2025-22090
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the maple tree. In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the maple tree. ... Keep the documentation of these functions in include/linux/... • https://git.kernel.org/stable/c/2ab640379a0ab4cef746ced1d7e04a0941774bcb •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-22089 – RDMA/core: Don't expose hw_counters outside of init net namespace
https://notcve.org/view.php?id=CVE-2025-22089
16 Apr 2025 — With this fix applied hw_counters are not available in a non-init net namespace: find /sys/class/infiniband/mlx4_0/ -name hw_counters /sys/class/infiniband/mlx4_0/ports/1/hw_counters /sys/class/infiniband/mlx4_0/ports/2/hw_counters /sys/class/infiniband/mlx4_0/hw_counters ip netns add foo ip netns exec foo bash find /sys/class/infiniband/mlx4_0/ -name hw_counters In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commi... • https://git.kernel.org/stable/c/467f432a521a284c418e3d521ee51840a5e23424 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-22088 – RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()
https://notcve.org/view.php?id=CVE-2025-22088
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem. In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a U... • https://git.kernel.org/stable/c/920d93eac8b97778fef48f34f10e58ddf870fc2a • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-22087 – bpf: Fix array bounds error with may_goto
https://notcve.org/view.php?id=CVE-2025-22087
16 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with may_goto may_goto uses an additional 8 bytes on the stack, which causes the interpreters[] array to go out of bounds when calculating index by stack_size. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with may_goto may_goto uses an additional 8 bytes on the stack, which causes the interpreters[] array to go out of bounds when calculating index b... • https://git.kernel.org/stable/c/011832b97b311bb9e3c27945bc0d1089a14209c9 •