CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-40021 – tracing: dynevent: Add a missing lockdown check on dynevent
https://notcve.org/view.php?id=CVE-2025-40021
24 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it should also check the lockdown status and reject if it is set. In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it... • https://git.kernel.org/stable/c/17911ff38aa58d3c95c07589dbf5d3564c4cf3c5 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2025-40020 – can: peak_usb: fix shift-out-of-bounds issue
https://notcve.org/view.php?id=CVE-2025-40020
24 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 (which is the case for PC CAN FD interfaces supported by this driver). [mkl: update subject, apply manually] In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 (whic... • https://git.kernel.org/stable/c/bb4785551f64e18b2c8bb15a3bd2b22f5ebf624d •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-40019 – crypto: essiv - Check ssize for decryption and in-place encryption
https://notcve.org/view.php?id=CVE-2025-40019
24 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption. In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption. • https://git.kernel.org/stable/c/be1eb7f78aa8fbe34779c56c266ccd0364604e71 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-40018 – ipvs: Defer ip_vs_ftp unregister during netns cleanup
https://notcve.org/view.php?id=CVE-2025-40018
24 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_modul... • https://git.kernel.org/stable/c/61b1ab4583e275af216c8454b9256de680499b19 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53733 – net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode
https://notcve.org/view.php?id=CVE-2023-53733
24 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode When u32_replace_hw_knode fails, we need to undo the tcf_bind_filter operation done at u32_set_parms. In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode When u32_replace_hw_knode fails, we need to undo the tcf_bind_filter operation done at u32_set_parms. • https://git.kernel.org/stable/c/d34e3e181395192d6d1f50dd97bd7854e04e33a4 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53732 – fs/ntfs3: Fix NULL dereference in ni_write_inode
https://notcve.org/view.php?id=CVE-2023-53732
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL dereference in ni_write_inode Syzbot reports a NULL dereference in ni_write_inode. When creating a new inode, if allocation fails in mi_init function (called in mi_format_new function), mi->mrec is set to NULL. In the error path of this inode creation, mi->mrec is later dereferenced in ni_write_inode. Add a NULL check to prevent NULL dereference. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3... • https://git.kernel.org/stable/c/d4b74482529516477cf7b12502538e51827c699f •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-53731 – netlink: fix potential deadlock in netlink_set_err()
https://notcve.org/view.php?id=CVE-2023-53731
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlink_set_err() syzbot reported a possible deadlock in netlink_set_err() [1] A similar issue was fixed in commit 1d482e666b8e ("netlink: disable IRQs for netlink_lock_table()") in netlink_lock_table() This patch adds IRQ safety to netlink_set_err() and __netlink_diag_dump() which were not covered by cited commit. [1] WARNING: possible irq lock inversion dependency detected 6.4.0-rc6-syzkaller-00240-g4e9f... • https://git.kernel.org/stable/c/82b2ea5f904b3826934df4a00f3b8806272185f6 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53730 – blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
https://notcve.org/view.php?id=CVE-2023-53730
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabled IRQ before invoking it. Fix it by using spin_lock_irqsave() instead, which can keep IRQ state consistent with before when unlock. ================================ WARNING: inconsistent lock state 5.10.0-02758-g8e5f91fd772f #26 Not ... • https://git.kernel.org/stable/c/b0853ab4a238c54b8f97ca7dde1ae156e2bbd5e4 •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53729 – soc: qcom: qmi_encdec: Restrict string length in decode
https://notcve.org/view.php?id=CVE-2023-53729
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAX_LEN + 1. If a string is actually MAX_LEN + 1 length, this will cause an out of bounds access when the NULL character is appended in decoding. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode The QMI... • https://git.kernel.org/stable/c/9b8a11e82615274d4133aab3cf5aa1c59191f0a2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53728 – posix-timers: Ensure timer ID search-loop limit is valid
https://notcve.org/view.php?id=CVE-2023-53728
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posix_timer_add() tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID space for a free slot one by one. The loop has to terminate when the search wrapped around to the starting point. But that's racy vs. establishing the starting point. That is read out lockless, which leads to th... • https://git.kernel.org/stable/c/8dc52c200b889bc1cb34288fbf623d4ff381d2ae •