7.0
CVE-2025-40157 - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nm_edac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in drivers/edac/skx_commβ¦
5.5
CVE-2025-40143 - bpf: dont report verifier bug for missing bpf_scc_visit on speculative path
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpf_scc_visit on speculative path Syzbot generated a program that triggers a verifier_bug() call in maybe_exit_scc(). maybe_exit_scc() assumes that, when called for a state with insn_idx β¦
7.0
CVE-2025-40140 - net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast syzbot reported WARNING in rtl8150_start_xmit/usb_submit_urb. This is the sequence of events that leads to the warning: rtl8150_start_xmit() { netif_stop_queβ¦
5.5
CVE-2025-40136 - crypto: hisilicon/qm - request reserved interrupt for virtual function
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The device interrupt vector 3 is an error interrupt for physical function and a reserved interrupt for virtual function. However, the driver has not registereβ¦
7.0
CVE-2025-40132 - ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback In create_sdw_dailink() check that sof_end->codec_info->add_sidecar is not NULL before calling it. The original code assumed that if include_sidecar is true, the coβ¦
5.5
CVE-2025-40131 - wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu() In ath12k_dp_mon_rx_deliver_msdu(), peer lookup fails because rxcb->peer_id is not updated with a valid value. This is expected in monitor mode, where RX frames bypβ¦
7.0
CVE-2025-40129 - sunrpc: fix null pointer dereference on zero-length checksum
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix null pointer dereference on zero-length checksum In xdr_stream_decode_opaque_auth(), zero-length checksum.len causes checksum.data to be set to NULL. This triggers a NPD when accessing checksum.data in gss_krb5_verifyβ¦
5.5
CVE-2025-40124 - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Anthony Yznaga tracked down that a BUG_ON in ext4 code with large folios enabled resulted from copy_from_user() returning impossibly large values gβ¦
7.0
CVE-2025-40121 - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver just ignores and leaves as is, which may lead to unepxected results like OOB access. Thisβ¦
7.0
CVE-2025-40119 - ext4: fix potential null deref in ext4_mb_init()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4_mb_init() In ext4_mb_init(), ext4_mb_avg_fragment_size_destroy() may be called when sbi->s_mb_avg_fragment_size remains uninitialized (e.g., if groupinfo slab cache allocation fails). Since β¦