5.5
CVE-2025-21790 - vxlan: check vxlan_vnigroup_init() return value
In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlan_vnigroup_init() return value vxlan_init() must check vxlan_vnigroup_init() success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canonical address 0xdffffβ¦
5.5
CVE-2025-21784 - drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() In function psp_init_cap_microcode(), it should bail out when failed to load firmware, otherwise it may cause invalid memory access.
7.1
CVE-2024-58015 - wifi: ath12k: Fix for out-of bound access error
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory eβ¦
7.8
CVE-2025-21722 - nilfs2: do not force clear folio if buffer is referenced
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not force clear folio if buffer is referenced Patch series "nilfs2: protect busy buffer heads from being force-cleared". This series fixes the buffer head state inconsistency issues reported by syzbot that occurs whenβ¦
7.8
CVE-2024-54456 - NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() name is char[64] where the size of clnt->cl_program->name remains unknown. Invoking strcat() directly will also lead to potential buffer overflow. Change them to stβ¦
7.1
CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access. Compile tested onlβ¦
5.5
CVE-2025-21771 - sched_ext: Fix incorrect autogroup migration detection
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix incorrect autogroup migration detection scx_move_task() is called from sched_move_task() and tells the BPF scheduler that cgroup migration is being committed. sched_move_task() is used by both cgroup and autogroup β¦
7.8
CVE-2025-21772 - partitions: mac: fix handling of bogus partition table
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeeded. - If the partitβ¦
5.5
CVE-2024-57973 - rdma/cxgb4: Prevent potential integer overflow on 32bit
In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" variable is controlled by the user. It comes from process_responses(). On 32bit systems, the "gl->tot_len + sizeof(struct cpl_pass_accept_req) + sizeof(sβ¦
5.5
CVE-2025-21779 - KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject sβ¦