CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21821 – fbdev: omap: use threaded IRQ for LCD DMA
https://notcve.org/view.php?id=CVE-2025-21821
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2 Hardware name: Nokia 770 Call trace: unwind_backtrace from show_stack+0x10/0x14 show_stack fro... • https://git.kernel.org/stable/c/7bbbd311dd503653a2cc86d9226740883051dc92 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21817 – block: mark GFP_NOIO around sysfs ->store()
https://notcve.org/view.php?id=CVE-2025-21817
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs ->store() sysfs ->store is called with queue freezed, meantime we have several ->store() callbacks(update_nr_requests, wbt, scheduler) to allocate memory with GFP_KERNEL which may run into direct reclaim code path, then potential deadlock can be caused. Fix the issue by marking NOIO around sysfs ->store() In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs -... • https://git.kernel.org/stable/c/2566ce907e5d5db8a039647208e029ce559baa31 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21814 – ptp: Ensure info->enable callback is always set
https://notcve.org/view.php?id=CVE-2025-21814
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c. Instead use a dummy callback if no better was specified by the driver. In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always... • https://git.kernel.org/stable/c/d94ba80ebbea17f036cecb104398fbcd788aa742 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21811 – nilfs2: protect access to buffers with no active references
https://notcve.org/view.php?id=CVE-2025-21811
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For data cache, nilfs_clear_folio_dirty() may be called asynchronously when the file system degenerates to read only, so nilfs_lookup_dirty_data_buffers() still has the potential to cause use after free issues whe... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21806 – net: let net.core.dev_weight always be non-zero
https://notcve.org/view.php?id=CVE-2025-21806
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------[ cut here ]------------ list_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \ next=ffff88905f746e40. WARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \ __list_add_valid_or_report+0xf3/0x130 CPU: 18 UID:... • https://git.kernel.org/stable/c/e3876605450979fe52a1a03e7eb78a89bf59e76a •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21796 – nfsd: clear acl_access/acl_default after releasing them
https://notcve.org/view.php?id=CVE-2025-21796
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the released posix_acl, which will trigger a WARNING in nfs3svc_release_getacl like this: ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 26 PID: 3199 at lib/refcount.c:28 refcount_warn_saturate+0... • https://git.kernel.org/stable/c/a257cdd0e2179630d3201c32ba14d7fcb3c3a055 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21787 – team: better TEAM_OPTION_TYPE_STRING validation
https://notcve.org/view.php?id=CVE-2025-21787
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline] BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714 string_nocheck lib/vsprintf.c:633 [inline] string+0x3ec/0x5f0 lib/vsprintf.c:714 vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843 __request_module+0x252/0x9f0 kernel/module/... • https://git.kernel.org/stable/c/3d249d4ca7d0ed6629a135ea1ea21c72286c0d80 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21776 – USB: hub: Ignore non-compliant devices with too many configs or interfaces
https://notcve.org/view.php?id=CVE-2025-21776
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: general protection fault, probably for non-canonical address 0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI CPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14 Hardware name: FreeBSD BHYVE/BHYVE,... • https://git.kernel.org/stable/c/49f077106fa07919a6a6dda99bb490dd1d1a8218 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21772 – partitions: mac: fix handling of bogus partition table
https://notcve.org/view.php?id=CVE-2025-21772
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeeded. - If the partition table claims a silly sector size like 0xfff bytes (which results in partition table entries straddling sector boundaries), bail out instead of accessing out-of-bounds memory. - We must not assume that the partition ta... • https://git.kernel.org/stable/c/a3e77da9f843e4ab93917d30c314f0283e28c124 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2025-21765 – ipv6: use RCU protection in ip6_default_advmss()
https://notcve.org/view.php?id=CVE-2025-21765
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear. In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear. • https://git.kernel.org/stable/c/5578689a4e3c04f2d43ea39736fd3fa396d80c6e •