7.1
CVE-2025-38320 - arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() KASAN reports a stack-out-of-bounds read in regs_get_kernel_stack_nth(). Call Trace: [ 97.283505] BUG: KASAN: stack-out-of-bounds in regs_get_kernel_staβ¦
5.5
CVE-2025-38278 - octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback This patch addresses below issues, 1. Active traffic on the leaf node must be stopped before its send queue is reassigned to the parent. This patch resolves the issue β¦
5.5
CVE-2025-38268 - usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work A state check was previously added to tcpm_queue_vdm_unlocked to prevent a deadlock where the DisplayPort Alt Mode driver would be executing work and attempting β¦
5.5
CVE-2025-38331 - net: ethernet: cortina: Use TOE/TSO on all TCP
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb->len to the "TOE/TSO" offloader and it will handle them. Without this quiβ¦
5.5
CVE-2025-38287 - IB/cm: Drop lockdep assert and WARN when freeing old msg
In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cm_id has advanced to another message. The cm_id lock is not needed in this case, but a recent change re-used cm_free_priv_msg(),β¦
4.7
CVE-2025-38306 - fs/fhandle.c: fix a race in call of has_locked_children()
In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem β¦
5.5
CVE-2025-38327 - fgraph: Do not enable function_graph tracer when setting funcgraph-args
In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable function_graph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never rβ¦
7.8
CVE-2025-38279 - bpf: Do not include stack ptr register in precision backtracking bookkeeping
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following warning appears in kernel dmesg: [ 60.643604] verifier backtracking bug [ 60.643635] WARNING:β¦
7.8
CVE-2025-38289 - scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected a potential use-after-free of an ndlp oject in dev_loss_tmo_callbk during driver unload or fatal error handling. Fix by reordering code to avβ¦
5.5
CVE-2025-38334 - x86/sgx: Prevent attempts to reclaim poisoned pages
In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary storage. SGX instructions do not gracefully handle machine checks. Despite this, the existing SGX codeβ¦