CVE-2024-57946 – virtio-blk: don't keep queue frozen during system suspend
https://notcve.org/view.php?id=CVE-2024-57946
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de ("virtio-blk: Ensure no requests in virtqueues before deleting vqs.") replaces queue quiesce with queue freeze in virtio-blk's PM callbacks. ... And Marek reported lockdep warning[1] caused by virtio-blk's freeze queue in virtblk_freeze(). [1] https://lore.kernel.org/linux-block/ca16370e-d646-4eee-b9cc-87277c89c43c@samsung.com/ Given the motivation i... • https://git.kernel.org/stable/c/d738f3215bb4f88911ff4579780a44960c8e0ca5 •
CVE-2025-21664 – dm thin: make get_first_thin use rcu-safe list first function
https://notcve.org/view.php?id=CVE-2025-21664
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dm thin: make get_first_thin use rcu-safe list first function The documentation in rculist.h explains the absence of list_empty_rcu() and cautions programmers against relying on a list_empty() -> list_first() sequence in RCU safe code. • https://git.kernel.org/stable/c/b10ebd34cccae1b431caf1be54919aede2be7cbe •
CVE-2025-21663 – net: stmmac: dwmac-tegra: Read iommu stream id from device tree
https://notcve.org/view.php?id=CVE-2025-21663
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID) to be written to the MGBE_WRAP_AXI_ASID0_CTRL register. • https://git.kernel.org/stable/c/d8ca113724e79b324f553914cefa9dd6961de152 •
CVE-2025-21662 – net/mlx5: Fix variable not being completed when function returns
https://notcve.org/view.php?id=CVE-2025-21662
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmd_alloc_index(), fails cmd_work_handler() needs to complete ent->slotted before returning early. Otherwise the task which issued the command may hang: mlx5_core 0000:01:00.0: cmd_work_handler:877:(pid 3880418): failed to allocate command entry INFO: task kworker/13:2:4055883 blocked for more than 120 seconds. • https://git.kernel.org/stable/c/4baae687a20ef2b82fde12de3c04461e6f2521d6 •
CVE-2025-21661 – gpio: virtuser: fix missing lookup table cleanups
https://notcve.org/view.php?id=CVE-2025-21661
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. • https://git.kernel.org/stable/c/91581c4b3f29e2e22aeb1a62e842d529ca638b2d •
CVE-2025-21660 – ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked
https://notcve.org/view.php?id=CVE-2025-21660
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked When `ksmbd_vfs_kern_path_locked` met an error and it is not the last entry, it will exit without restoring changed path buffer. • https://git.kernel.org/stable/c/d1b2d2a9c912fc7b788985fbaf944e80f4b3f2af •
CVE-2025-21659 – netdev: prevent accessing NAPI instances from another namespace
https://notcve.org/view.php?id=CVE-2025-21659
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. • https://git.kernel.org/stable/c/27f91aaf49b3a50e5a02ad5fa27b7c453d029a72 •
CVE-2025-21658 – btrfs: avoid NULL pointer dereference if no valid extent tree
https://notcve.org/view.php?id=CVE-2025-21658
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG] Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1 BUG: kernel NULL pointer dereference, address: 0000000000000208 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 UID: 0 PID: 689 ... • https://git.kernel.org/stable/c/42437a6386ffeaaf200731e73d723ea491f3fe7d •
CVE-2025-21657 – sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()
https://notcve.org/view.php?id=CVE-2025-21657
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currently running a task in a higher scheduler class (e.g., deadline). • https://git.kernel.org/stable/c/0e7ffff1b8117b05635c87d3c9099f6aa9c9b689 •
CVE-2025-21656 – hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
https://notcve.org/view.php?id=CVE-2025-21656
21 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur scsi_execute_cmd() function can return both negative (linux codes) and positive (scsi_cmnd result field) error codes. • https://git.kernel.org/stable/c/5b46903d8bf372e563bf2150d46b87fff197a109 •