CVSS: 6.1EPSS: %CPEs: 5EXPL: 0CVE-2025-21823 – batman-adv: Drop unmanaged ELP metric worker
https://notcve.org/view.php?id=CVE-2025-21823
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need to sleep. This sleep is incompatible with the RCU list iterator used for the recorded neighbors. The initial approach to work around of this problem was to queue another work item per neighbor and then run this in a new context. Even w... • https://git.kernel.org/stable/c/c833484e5f3872a38fe232c663586069d5ad9645 •
CVSS: 7.8EPSS: %CPEs: 5EXPL: 0CVE-2025-21821 – fbdev: omap: use threaded IRQ for LCD DMA
https://notcve.org/view.php?id=CVE-2025-21821
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2 Hardware name: Nokia 770 Call trace: unwind_backtrace from show_stack+0x10/0x14 show_stack fro... • https://git.kernel.org/stable/c/7bbbd311dd503653a2cc86d9226740883051dc92 •
CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2025-21820 – tty: xilinx_uartps: split sysrq handling
https://notcve.org/view.php?id=CVE-2025-21820
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdns_uart_isr() printk() uart_port_lock(port) console_lock() cdns_uart_console_write() if (!port->sysrq) uart_port_lock(port) uart_handle_break() port->sysrq = ... uart_handle_sysrq_char() printk() console_lock() The fixed commit attempts to avoid this situation by only takin... • https://git.kernel.org/stable/c/74ea66d4ca061a3cd4c0e924e51b60e924644852 •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2025-21819 – Revert "drm/amd/display: Use HW lock mgr for PSR1"
https://notcve.org/view.php?id=CVE-2025-21819
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect with two edp panel. In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 ("drm/amd/display: Use HW lock mgr for PSR1") Because it may cause system hang while connect wi... • https://git.kernel.org/stable/c/915697c2e69ac8d14dad498e6d6f43dbb7de3787 •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2025-21817 – block: mark GFP_NOIO around sysfs ->store()
https://notcve.org/view.php?id=CVE-2025-21817
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs ->store() sysfs ->store is called with queue freezed, meantime we have several ->store() callbacks(update_nr_requests, wbt, scheduler) to allocate memory with GFP_KERNEL which may run into direct reclaim code path, then potential deadlock can be caused. Fix the issue by marking NOIO around sysfs ->store() In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs -... • https://git.kernel.org/stable/c/2566ce907e5d5db8a039647208e029ce559baa31 •
CVSS: 5.5EPSS: %CPEs: 9EXPL: 0CVE-2025-21816 – hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING
https://notcve.org/view.php?id=CVE-2025-21816
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING hrtimers are migrated away from the dying CPU to any online target at the CPUHP_AP_HRTIMERS_DYING stage in order not to delay bandwidth timers handling tasks involved in the CPU hotplug forward progress. However wakeups can still be performed by the outgoing CPU after CPUHP_AP_HRTIMERS_DYING. Those can result again in bandwidth timers being armed. Depending on severa... • https://git.kernel.org/stable/c/5c0930ccaad5a74d74e8b18b648c5eb21ed2fe94 •
CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2025-21814 – ptp: Ensure info->enable callback is always set
https://notcve.org/view.php?id=CVE-2025-21814
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c. Instead use a dummy callback if no better was specified by the driver. In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always... • https://git.kernel.org/stable/c/d94ba80ebbea17f036cecb104398fbcd788aa742 •
CVSS: 6.6EPSS: %CPEs: 11EXPL: 0CVE-2025-21812 – ax25: rcu protect dev->ax25_ptr
https://notcve.org/view.php?id=CVE-2025-21812
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt() This should also fix a variety of possible UAF in ax25. [1] WARNING: possible circular locking dependency detected 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Not tainted ------------------------------------------------------ syz.5.1818/12806 is trying to acquire lock: ffffffff8fcb3988 (rtnl_mutex){+.+.}-{4:4}, at: ax... • https://git.kernel.org/stable/c/c433570458e49bccea5c551df628d058b3526289 •
CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2025-21811 – nilfs2: protect access to buffers with no active references
https://notcve.org/view.php?id=CVE-2025-21811
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For data cache, nilfs_clear_folio_dirty() may be called asynchronously when the file system degenerates to read only, so nilfs_lookup_dirty_data_buffers() still has the potential to cause use after free issues whe... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c •
CVSS: 5.5EPSS: %CPEs: 5EXPL: 0CVE-2025-21806 – net: let net.core.dev_weight always be non-zero
https://notcve.org/view.php?id=CVE-2025-21806
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------[ cut here ]------------ list_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \ next=ffff88905f746e40. WARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \ __list_add_valid_or_report+0xf3/0x130 CPU: 18 UID:... • https://git.kernel.org/stable/c/e3876605450979fe52a1a03e7eb78a89bf59e76a •