5.5
CVE-2025-38014 - dmaengine: idxd: Refactor remove call with idxd_cleanup() helper
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper The idxd_cleanup() helper cleans up perfmon, interrupts, internals and so on. Refactor remove call with the idxd_cleanup() helper to avoid code duplication. Note, tβ¦
7.8
CVE-2025-38076 - alloc_tag: allocate percpu counters for module tags dynamically
In the Linux kernel, the following vulnerability has been resolved: alloc_tag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tagsβ¦
5.5
CVE-2025-38072 - libnvdimm/labels: Fix divide error in nd_label_data_init()
In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init() If a faulty CXL memory device returns a broken zero LSA size in its memory device information (Identify Memory Device (Opcode 4000h), CXL spec. 3.1, 8.2.9.9.1.1), a dividβ¦
5.5
CVE-2025-38071 - x86/mm: Check return value from memblock_phys_alloc_range()
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblock_physβ¦
7.8
CVE-2025-38069 - PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops Fix a kernel oops found while testing the stm32_pcie Endpoint driver with handling of PERST# deassertion: During EP initialization, pci_epf_test_alloc_spaceβ¦
5.5
CVE-2025-38058 - __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock
In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but before it has set MNT_SYβ¦
7.8
CVE-2022-50151 - usb: cdns3: fix random warning message when driver load
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: [ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code! [ 4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.1β¦
5.5
CVE-2025-38023 - nfs: handle failure of nfs_get_lock_context in unlock path
In the Linux kernel, the following vulnerability has been resolved: nfs: handle failure of nfs_get_lock_context in unlock path When memory is insufficient, the allocation of nfs_lock_context in nfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat an nfs4_unlockdata structure (β¦
5.5
CVE-2022-49944 - Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()"
In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()" The recent commit 87d0e2f41b8c ("usb: typec: ucsi: add a common function ucsi_unregister_connectors()") introduced a regression that caused NULL derefeβ¦
7.1
CVE-2022-49945 - hwmon: (gpio-fan) Fix array out of bounds access
In the Linux kernel, the following vulnerability has been resolved: hwmon: (gpio-fan) Fix array out of bounds access The driver does not check if the cooling state passed to gpio_fan_set_cur_state() exceeds the maximum cooling state as stored in fan_data->num_speeds. Since the cooling state is laβ¦