CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21756 – vsock: Keep the binding until socket destruction
https://notcve.org/view.php?id=CVE-2025-21756
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket unbinding during a transport reassignment, which fixes a use-after-free: 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2) 2. transport->release() calls vsock_remove_bound() without checking if sk was bound and moved t... • https://git.kernel.org/stable/c/c0cfa2d8a788fcf45df5bf4070ab2474c88d543a • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58021 – HID: winwing: Add NULL check in winwing_init_led()
https://notcve.org/view.php?id=CVE-2024-58021
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Add NULL check in winwing_init_led() devm_kasprintf() can return a NULL pointer on failure,but this returned value in winwing_init_led() is not checked. Add NULL check in winwing_init_led(), to handle kernel NULL pointer dereference error. In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Add NULL check in winwing_init_led() devm_kasprintf() can return a NULL pointer on failure,but this returned... • https://git.kernel.org/stable/c/266c990debad2f9589c7a412e897a8e312b09766 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2024-58020 – HID: multitouch: Add NULL check in mt_input_configured
https://notcve.org/view.php?id=CVE-2024-58020
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configured(), to handle kernel NULL pointer dereference error. In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but... • https://git.kernel.org/stable/c/2763732ec1e68910719c75b6b896e11b6d3d622b •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-57852 – firmware: qcom: scm: smc: Handle missing SCM device
https://notcve.org/view.php?id=CVE-2024-57852
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") makes it explicit that qcom_scm_get_tzmem_pool() can return NULL, therefore its users should handle this. In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") makes it expli... • https://git.kernel.org/stable/c/cd955b75849b58b650ca3f87b83bd78cde1da8bc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-57834 – media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
https://notcve.org/view.php?id=CVE-2024-57834
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread syzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1] If dvb->mux is not initialized successfully by vidtv_mux_init() in the vidtv_start_streaming(), it will trigger null pointer dereference about mux in vidtv_mux_stop_thread(). Adjust the timing of streaming initialization and check it before stopping it. [1] KASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000... • https://git.kernel.org/stable/c/86307e443c5844f38e1b98e2c51a4195c55576cd •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-54458 – scsi: ufs: bsg: Set bsg_queue to NULL after removal
https://notcve.org/view.php?id=CVE-2024-54458
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) access. In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after re... • https://git.kernel.org/stable/c/5e7b6e44468c3242c21c2a8656d009fb3eb50a73 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-54456 – NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
https://notcve.org/view.php?id=CVE-2024-54456
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of clnt->cl_program->name remains unknown. Invoking strcat() directly will also lead to potential buffer overflow. Change them to strscpy() and strncat() to fix potential issues. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of ... • https://git.kernel.org/stable/c/19b3ca651b4b473878c73539febe477905041442 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52560 – fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr()
https://notcve.org/view.php?id=CVE-2024-52560
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr() Extended the `mi_enum_attr()` function interface with an additional parameter, `struct ntfs_inode *ni`, to allow marking the inode as bad as soon as an error is detected. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr() Extended the `mi_enum_attr()` function interface with an addi... • https://git.kernel.org/stable/c/d9c699f2c4dc174940ffe8600b20c267897da155 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52559 – drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()
https://notcve.org/view.php?id=CVE-2024-52559
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() The "submit->cmd[i].size" and "submit->cmd[i].offset" variables are u32 values that come from the user via the submit_lookup_cmds() function. This addition could lead to an integer wrapping bug so use size_add() to prevent that. Patchwork: https://patchwork.freedesktop.org/patch/624696/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent int... • https://git.kernel.org/stable/c/198725337ef1f73b73e7dc953c6ffb0799f26ffe •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52557 – drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get()
https://notcve.org/view.php?id=CVE-2024-52557
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get() This patch fixes a potential integer overflow in the zynqmp_dp_rate_get() The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit Now the constant is a compatible 64-bit type. Resolves coverity issues: CID 1636340 and CID 1635811 In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dp: Fix in... • https://git.kernel.org/stable/c/28edaacb821c69241f6c0be6bbd29f7145f1b44f •