5.5
CVE-2025-38390 - firmware: arm_ffa: Fix memory leak by freeing notifier callback node
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf ("firmware: arm_ffa: Add interfaces to request notification callbacks") adds support for notifier callbacks by allocating and inserting a caโฆ
7.8
CVE-2025-38389 - drm/i915/gt: Fix timeline left held on VMA alloc error
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix timeline left held on VMA alloc error The following error has been reported sporadically by CI when a test unbinds the i915 driver on a ring submission platform: <4> [239.330153] ------------[ cut here ]--------โฆ
5.5
CVE-2025-38374 - optee: ffa: fix sleep in atomic context
In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notif_callback() for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronโฆ
7.8
CVE-2025-38369 - dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proceโฆ
5.5
CVE-2025-38368 - misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe()
In the Linux kernel, the following vulnerability has been resolved: misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe() The returned value, pfsm->miscdev.name, from devm_kasprintf() could be NULL. A pointer check is added to prevent potential NULL pointer dereference. This is similโฆ
5.5
CVE-2025-38363 - drm/tegra: Fix a possible null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix a possible null pointer dereference In tegra_crtc_reset(), new memory is allocated with kzalloc(), but no check is performed. Before calling __drm_atomic_helper_crtc_reset, state should be checked to prevent possibโฆ
5.5
CVE-2025-38362 - drm/amd/display: Add null pointer check for get_first_active_display()
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the function get_first_active_display(), but does not check its return value. The return value is a nullโฆ
7.8
CVE-2025-38361 - drm/amd/display: Check dce_hwseq before dereferencing it
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dce_hwseq before dereferencing it [WHAT] hws was checked for null earlier in dce110_blank_stream, indicating hws can be null, and should be checked whenever it is used. (cherry picked from commit 79db4361โฆ
5.5
CVE-2025-38360 - drm/amd/display: Add more checks for DSC / HUBP ONO guarantees
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees [WHY] For non-zero DSC instances it's possible that the HUBP domain required to drive it for sequential ONO ASICs isn't met, potentially causing the logic to the tileโฆ
5.5
CVE-2025-38353 - drm/xe: Fix taking invalid lock on wedge
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It fixes the followingโฆ