CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38237 – media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()
https://notcve.org/view.php?id=CVE-2025-38237
08 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() In fimc_is_hw_change_mode(), the function changes camera modes without waiting for hardware completion, risking corrupted data or system hangs if subsequent operations proceed before the hardware is ready. • https://git.kernel.org/stable/c/b0d92b94278561f43057003a73a17ce13b7c1a1a •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2025-38236 – af_unix: Don't leave consecutive consumed OOB skbs.
https://notcve.org/view.php?id=CVE-2025-38236
08 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. • https://git.kernel.org/stable/c/314001f0bf927015e459c9d387d62a231fe93af3 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38235 – HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting
https://notcve.org/view.php?id=CVE-2025-38235
06 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting During appletb_kbd_probe, probe attempts to get the backlight device by name. ... In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting During appletb_kbd_probe, probe attempts to get the backlight device by name. • https://git.kernel.org/stable/c/93a0fc48948107e0cc34e1de22c3cb363a8f2783 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38234 – sched/rt: Fix race in push_rt_task
https://notcve.org/view.php?id=CVE-2025-38234
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses to call push_rt_task and picks a task to push to another CPU's runqueue then it will call find_lock_lowest_rq method which would take a double lock on both CPUs' runqueues. ... asm_sysvec_reschedule_i ---truncated--- In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in push_rt_task Overview ======== When a CPU chooses t... • https://git.kernel.org/stable/c/07ecabfbca64f4f0b6071cf96e49d162fa9d138d •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-38233 – powerpc64/ftrace: fix clobbered r15 during livepatching
https://notcve.org/view.php?id=CVE-2025-38233
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix clobbered r15 during livepatching While r15 is clobbered always with PPC_FTRACE_OUT_OF_LINE, it is not restored in livepatch sequence leading to not so obvious fails like below: BUG: Unable to handle kernel data access on write at 0xc0000000000f9078 Faulting instruction address: 0xc0000000018ff958 Oops: Kernel access of bad area, sig: 11 [#1] ... In the Linux kernel, the following vulnerability has been r... • https://git.kernel.org/stable/c/eec37961a56aa4f3fe1c33ffd48eec7d1bb0c009 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38232 – NFSD: fix race between nfsd registration and exports_proc
https://notcve.org/view.php?id=CVE-2025-38232
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exports_proc As of now nfsd calls create_proc_exports_entry() at start of init_nfsd and cleanup by remove_proc_entry() at last of exit_nfsd. In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exports_proc As of now nfsd calls create_proc_exports_entry() at start of init_nfsd and cleanup by remove_proc_entry() at last of e... • https://git.kernel.org/stable/c/2029ca75cdfa6a25716a5a76b751486cce7e3822 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-38231 – nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
https://notcve.org/view.php?id=CVE-2025-38231
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_exp... • https://git.kernel.org/stable/c/a4bc287943f5695209ff36bdc89f17b48d68fae7 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-38230 – jfs: validate AG parameters in dbMount() to prevent crashes
https://notcve.org/view.php?id=CVE-2025-38230
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount() to prevent crashes Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount() to prevent crashes Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid u... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 6.6EPSS: 0%CPEs: 7EXPL: 0CVE-2025-38229 – media: cxusb: no longer judge rbuf when the write fails
https://notcve.org/view.php?id=CVE-2025-38229
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusb_i2c_xfer. [1] Only when the write operation of usb_bulk_msg() in dvb_usb_generic_rw() succeeds and rlen is greater than 0, the read operation of usb_bulk_msg() will be executed to read rlen bytes of data from the dvb device into the rbuf. • https://git.kernel.org/stable/c/22c6d93a73105fddd58796d7cb10f5f90ee2a338 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-38228 – media: imagination: fix a potential memory leak in e5010_probe()
https://notcve.org/view.php?id=CVE-2025-38228
04 Jul 2025 — In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010_probe() Add video_device_release() to release the memory allocated by video_device_alloc() if something goes wrong. In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010_probe() Add video_device_release() to release the memory allocated by video_device_alloc() if something goes wrong. • https://git.kernel.org/stable/c/a1e2940458853d00c178c842c889e4ae3ef5eaec •