0.0
CVE-2025-68257 - comedi: check device's attached status in compat ioctls
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue [1] that crashes kernel, seemingly due to unexistent callback dev->get_valid_routes(). By all means, this should not occur as said callback must aβ¦
0.0
CVE-2025-68230 - drm/amdgpu: fix gpu page fault after hibernation on PF passthrough
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gpu page fault after hibernation on PF passthrough On PF passthrough environment, after hibernate and then resume, coralgemm will cause gpu page fault. Mode1 reset happens during hibernate, but partition mode is β¦
0.0
CVE-2025-68254 - staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates (ESR) IE handling in OnBeacon accessed *(p + 1 + ielen) and *(p + 2 + ielen) without verifying that these offsets lie within the rβ¦
7.0
CVE-2025-68185 - nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing
In the Linux kernel, the following vulnerability has been resolved: nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won'tβ¦
5.5
CVE-2025-68173 - ftrace: Fix softlockup in ftrace_module_enable
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftrace_module_enable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsyms_lookup can spend too much time in RCU critical section β¦
0.0
CVE-2025-68255 - staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy() length when copying into a fixed-size 16-byte stackβ¦
5.5
CVE-2025-40351 - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat()
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() The syzbot reported issue in hfsplus_delete_cat(): [ 70.682285][ T9333] ===================================================== [ 70.682943][ T9333] BUG: KMSAN: uniβ¦
0.0
CVE-2025-68202 - sched_ext: Fix unsafe locking in the scx_dump_state()
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix unsafe locking in the scx_dump_state() For built with CONFIG_PREEMPT_RT=y kernels, the dump_lock will be converted sleepable spinlock and not disable-irq, so the following scenarios occur: inconsistent {IN-HARDIRQβ¦
5.5
CVE-2025-68295 - smb: client: fix memory leak in cifs_construct_tcon()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifs_construct_tcon() When having a multiuser mount with domain= specified and using cifscreds, cifs_set_cifscreds() will end up setting @ctx->domainname, so it needs to be freed before leaving cifβ¦
5.5
CVE-2025-68226 - smb: client: fix incomplete backport in cfids_invalidation_worker()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfids_invalidation_worker() The previous commit bdb596ceb4b7 ("smb: client: fix potential UAF in smb2_close_cached_fid()") was an incomplete backport and missed one kref_put() call in cfidsβ¦