CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-68176 – PCI: cadence: Check for the existence of cdns_pcie::ops before using it
https://notcve.org/view.php?id=CVE-2025-68176
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops. Hence, add a check to prevent NULL pointer dereference. [mani: reworded subject and description] In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie:... • https://git.kernel.org/stable/c/40d957e6f9eb3a8a585007b8b730340c829afbdb •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-68175 – media: nxp: imx8-isi: Fix streaming cleanup on release
https://notcve.org/view.php?id=CVE-2025-68175
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on release The current implementation unconditionally calls mxc_isi_video_cleanup_streaming() in mxc_isi_video_release(). This can lead to situations where any release call (like from a simple "v4l2-ctl -l") may release a currently streaming queue when called on such a device. This is reproducible on an i.MX8MP board by streaming from an ISI capture device using gstreamer: gst-launch-1.0 -v v4l2sr... • https://git.kernel.org/stable/c/cf21f328fcafacf4f96e7a30ef9dceede1076378 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-68174 – amd/amdkfd: enhance kfd process check in switch partition
https://notcve.org/view.php?id=CVE-2025-68174
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: enhance kfd process check in switch partition current switch partition only check if kfd_processes_table is empty. kfd_prcesses_table entry is deleted in kfd_process_notifier_release, but kfd_process tear down is in kfd_process_wq_release. consider two processes: Process A (workqueue) -> kfd_process_wq_release -> Access kfd_node member Process B switch partition -> amdgpu_xcp_pre_partition_switch -> amdgpu_amdkfd_device_fini_sw ... • https://git.kernel.org/stable/c/0c7315e7d5ef9b36ca4db32ffeb34a187cbaf231 •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-68173 – ftrace: Fix softlockup in ftrace_module_enable
https://notcve.org/view.php?id=CVE-2025-68173
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsyms_lookup can spend too much time in RCU critical section and with disabled preemption, causing kernel panic. This is the same issue that was fixed in commit d0b24b4e91fc ("ftrace: Prevent RCU stall on PREEMPT_VOLUNTARY kernels") and commit 42ea22e754ba ("ftrace: Add cond_... • https://git.kernel.org/stable/c/b7ffffbb46f205e7727a18bcc7a46c3c2b534f7c •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2025-68172 – crypto: aspeed - fix double free caused by devm
https://notcve.org/view.php?id=CVE-2025-68172
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unprepare() in error path and remove function causes double free. Remove the manual clock cleanup in both aspeed_acry_probe()'s error path and aspeed_acry_remove(). In the Linux kernel, the following vulnerability has been resolved: cryp... • https://git.kernel.org/stable/c/2f1cf4e50c956f882c9fc209c7cded832b67b8a3 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-68171 – x86/fpu: Ensure XFD state on signal delivery
https://notcve.org/view.php?id=CVE-2025-68171
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported [1] the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2025-68168 – jfs: fix uninitialized waitqueue in transaction manager
https://notcve.org/view.php?id=CVE-2025-68168
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on read-only filesystems. When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction. However, txEnd(0) still gets called and tries to access TxBlock[0].waitor via tid_to_tblock(0), but this waitqueue was n... • https://git.kernel.org/stable/c/2a8807f9f511c64de0c7cc9900a1683e3d72a3e5 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-40363 – net: ipv6: fix field-spanning memcpy warning in AH output
https://notcve.org/view.php?id=CVE-2025-40363
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6_output() and ah6_output_done() where extension headers are copied to/from IPv6 address fields, triggering fortify-string warnings about writes beyond the 16-byte address fields. memcpy: detected field-spanning write (size 40) of single field "&top_iph->saddr" at net/ipv6/ah6.c:439 (size 16) WARNING: CPU: 0 PID: 8838 at net/ipv6/ah6.c:439 ah6_... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2025-40360 – drm/sysfb: Do not dereference NULL pointer in plane reset
https://notcve.org/view.php?id=CVE-2025-40360
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sysfb: Do not dereference NULL pointer in plane reset The plane state in __drm_gem_reset_shadow_plane() can be NULL. Do not deref that pointer, but forward NULL to the other plane-reset helpers. Clears plane->state to NULL. v2: - fix typo in commit description (Javier) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/b715650220311e50448cb499c71084ca8aeeeece •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2025-40358 – riscv: stacktrace: Disable KASAN checks for non-current tasks
https://notcve.org/view.php?id=CVE-2025-40358
16 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: stacktrace: Disable KASAN checks for non-current tasks Unwinding the stack of a task other than current, KASAN would report "BUG: KASAN: out-of-bounds in walk_stackframe+0x41c/0x460" There is a same issue on x86 and has been resolved by the commit 84936118bdf3 ("x86/unwind: Disable KASAN checks for non-current tasks") The solution could be applied to RISC-V too. This patch also can solve the issue: https://seclists.org/oss-sec/2025/q... • https://git.kernel.org/stable/c/5d8544e2d0075a5f3c9a2cf27152354d54360da1 •