CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53146 – media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()
https://notcve.org/view.php?id=CVE-2023-53146
14 May 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() In dw2102_i2c_transfer, msg is controlled by user. ... Similar commit: commit 950e252cb469 ("[media] dw2102: limit messages to buffer size") In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() In dw2102_i2c_transfer, msg is controlled by user. • https://git.kernel.org/stable/c/77cbd42d29de9ffc93d5529bab8813cde53af14c •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53145 – Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
https://notcve.org/view.php?id=CVE-2023-53145
10 May 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. ... In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. • https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37889 – ASoC: ops: Consistently treat platform_max as control value
https://notcve.org/view.php?id=CVE-2025-37889
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platform_max as control value This reverts commit 9bdd10d57a88 ("ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min"), and makes some additional related updates. In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platform_max as control value This reverts commit 9bdd10d57a88 ("ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min"),... • https://git.kernel.org/stable/c/c11fc224e58e7972ffd05b8f25e9b1d6a0b8d562 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37888 – net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()
https://notcve.org/view.php?id=CVE-2025-37888
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() Add NULL check for mlx5_get_flow_namespace() returns in mlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() Add NULL check for mlx5_get_flow_namespace() returns in mlx5_create_inner_ttc_tab... • https://git.kernel.org/stable/c/137f3d50ad2a0f2e1ebe5181d6b32a5541786b99 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37887 – pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
https://notcve.org/view.php?id=CVE-2025-37887
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command the driver might at the least print garbage and at the worst crash when the user runs the "devlink dev info" devlink command. In the Linux kernel, the following vulnerability has been resolved: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL ... • https://git.kernel.org/stable/c/45d76f492938cdc27ddadc16e1e75103f4cfbf56 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-37886 – pds_core: make wait_context part of q_info
https://notcve.org/view.php?id=CVE-2025-37886
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: pds_core: make wait_context part of q_info Make the wait_context a full part of the q_info struct rather than a stack variable that goes away after pdsc_adminq_post() is done so that the context is still available after the wait loop has given up. In the Linux kernel, the following vulnerability has been resolved: pds_core: make wait_context part of q_info Make the wait_context a full part of the q_info struct rather than a st... • https://git.kernel.org/stable/c/01ba61b55b2041a39c54aefb3153c770dd59a0ef •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2025-37885 – KVM: x86: Reset IRTE to host control if *new* route isn't postable
https://notcve.org/view.php?id=CVE-2025-37885
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted MSI mode) if the *new* GSI route prevents posting the IRQ directly to a vCPU, regardless of the GSI routing type. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if *new* route isn't postable Restore an IRTE back to host control (remapped or posted ... • https://git.kernel.org/stable/c/efc644048ecde54f016011fe10110addd0de348f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-37884 – bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
https://notcve.org/view.php?id=CVE-2025-37884
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. ... In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. • https://git.kernel.org/stable/c/255cbc9db7067a83713fd2f4b31034ddd266549a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-37883 – s390/sclp: Add check for get_zeroed_page()
https://notcve.org/view.php?id=CVE-2025-37883
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for get_zeroed_page() Add check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference. In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for get_zeroed_page() Add check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference. • https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-37882 – usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
https://notcve.org/view.php?id=CVE-2025-37882
09 May 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's ... • https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915 •