CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-57947 – netfilter: nf_set_pipapo: fix initial map fill
https://notcve.org/view.php?id=CVE-2024-57947
23 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. ... In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. • https://git.kernel.org/stable/c/3c4287f62044a90e73a561aa05fc46e62da173da •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-57946 – virtio-blk: don't keep queue frozen during system suspend
https://notcve.org/view.php?id=CVE-2024-57946
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de ("virtio-blk: Ensure no requests in virtqueues before deleting vqs.") replaces queue quiesce with queue freeze in virtio-blk's PM callbacks. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de ("virtio-blk: Ensure no requests in virtqueues before deleting vq... • https://git.kernel.org/stable/c/d738f3215bb4f88911ff4579780a44960c8e0ca5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21664 – dm thin: make get_first_thin use rcu-safe list first function
https://notcve.org/view.php?id=CVE-2025-21664
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dm thin: make get_first_thin use rcu-safe list first function The documentation in rculist.h explains the absence of list_empty_rcu() and cautions programmers against relying on a list_empty() -> list_first() sequence in RCU safe code. In the Linux kernel, the following vulnerability has been resolved: dm thin: make get_first_thin use rcu-safe list first function The documentation in rculist.h explains the absence of list_empt... • https://git.kernel.org/stable/c/b10ebd34cccae1b431caf1be54919aede2be7cbe •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21663 – net: stmmac: dwmac-tegra: Read iommu stream id from device tree
https://notcve.org/view.php?id=CVE-2025-21663
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID) to be written to the MGBE_WRAP_AXI_ASID0_CTRL register. ... • https://git.kernel.org/stable/c/d8ca113724e79b324f553914cefa9dd6961de152 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21662 – net/mlx5: Fix variable not being completed when function returns
https://notcve.org/view.php?id=CVE-2025-21662
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmd_alloc_index(), fails cmd_work_handler() needs to complete ent->slotted before returning early. Otherwise the task which issued the command may hang: mlx5_core 0000:01:00.0: cmd_work_handler:877:(pid 3880418): failed to allocate command entry INFO: task kworker/13:2:4055883 blocked for more than 120 seconds. • https://git.kernel.org/stable/c/4baae687a20ef2b82fde12de3c04461e6f2521d6 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21661 – gpio: virtuser: fix missing lookup table cleanups
https://notcve.org/view.php?id=CVE-2025-21661
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. ... In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. • https://git.kernel.org/stable/c/91581c4b3f29e2e22aeb1a62e842d529ca638b2d •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21660 – ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked
https://notcve.org/view.php?id=CVE-2025-21660
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked When `ksmbd_vfs_kern_path_locked` met an error and it is not the last entry, it will exit without restoring changed path buffer. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked When `ksmbd_vfs_kern_path_locked` met an error and it is not the last entry, it will exit without r... • https://git.kernel.org/stable/c/d1b2d2a9c912fc7b788985fbaf944e80f4b3f2af •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21659 – netdev: prevent accessing NAPI instances from another namespace
https://notcve.org/view.php?id=CVE-2025-21659
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. ... In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. • https://git.kernel.org/stable/c/27f91aaf49b3a50e5a02ad5fa27b7c453d029a72 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21658 – btrfs: avoid NULL pointer dereference if no valid extent tree
https://notcve.org/view.php?id=CVE-2025-21658
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dereference, address: 0000000000000208 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 UID: 0 PID: 689 ... • https://git.kernel.org/stable/c/42437a6386ffeaaf200731e73d723ea491f3fe7d •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21657 – sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()
https://notcve.org/view.php?id=CVE-2025-21657
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currently running a task in a higher scheduler class (e.g., deadline). ... = &balance_push_callback [ 6.615208] WARNING: CPU: 2 PID: 0 at kernel/sched/sched.h:1730 __schedule+0x1130/0x1c90 ===== E... • https://git.kernel.org/stable/c/0e7ffff1b8117b05635c87d3c9099f6aa9c9b689 •