5.5
CVE-2025-40143 - bpf: dont report verifier bug for missing bpf_scc_visit on speculative path
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpf_scc_visit on speculative path Syzbot generated a program that triggers a verifier_bug() call in maybe_exit_scc(). maybe_exit_scc() assumes that, when called for a state with insn_idx β¦
5.5
CVE-2025-40136 - crypto: hisilicon/qm - request reserved interrupt for virtual function
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The device interrupt vector 3 is an error interrupt for physical function and a reserved interrupt for virtual function. However, the driver has not registereβ¦
7.0
CVE-2025-40132 - ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback In create_sdw_dailink() check that sof_end->codec_info->add_sidecar is not NULL before calling it. The original code assumed that if include_sidecar is true, the coβ¦
5.5
CVE-2025-40131 - wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix peer lookup in ath12k_dp_mon_rx_deliver_msdu() In ath12k_dp_mon_rx_deliver_msdu(), peer lookup fails because rxcb->peer_id is not updated with a valid value. This is expected in monitor mode, where RX frames bypβ¦
5.5
CVE-2025-40124 - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Anthony Yznaga tracked down that a BUG_ON in ext4 code with large folios enabled resulted from copy_from_user() returning impossibly large values gβ¦
7.0
CVE-2025-40119 - ext4: fix potential null deref in ext4_mb_init()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4_mb_init() In ext4_mb_init(), ext4_mb_avg_fragment_size_destroy() may be called when sbi->s_mb_avg_fragment_size remains uninitialized (e.g., if groupinfo slab cache allocation fails). Since β¦
7.0
CVE-2025-40113 - remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E
In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E The ADSP firmware on X1E has separate firmware binaries for the main firmware and the DTB. The same applies for the "lite" firmware loaded by the boot firmware. When preparingβ¦
5.5
CVE-2025-40117 - misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl() Commit eefb83790a0d ("misc: pci_endpoint_test: Add doorbell test case") added NO_BAR (-1) to the pci_barno enum which, in practical terms, changes the enumβ¦
5.5
CVE-2025-40184 - KVM: arm64: Fix debug checking for np-guests using huge mappings
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIG_NVHE_EL2_DEBUG then the debug checking in assert_host_shared_guest() fails on the launch of an np-guest. This WAβ¦
9.1
CVE-2025-63289 -
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryption_helper.dart file