5.5
CVE-2025-37977 - scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set If dma-coherent property isn't set then descriptors are non-cacheable and the iocc shareability bits should be disabled. Without this UFS can end up in an incompaβ¦
5.5
CVE-2025-37986 - usb: typec: class: Invalidate USB device pointers on partner unregistration
In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Invalidate USB device pointers on partner unregistration To avoid using invalid USB device pointers after a Type-C partner disconnects, this patch clears the pointers upon partner unregistration. This ensures aβ¦
5.5
CVE-2025-37905 - firmware: arm_scmi: Balance device refcount when destroying devices
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Balance device refcount when destroying devices Using device_find_child() to lookup the proper SCMI device to destroy causes an unbalance in device refcount, since device_find_child() calls an implicit get_devβ¦
5.5
CVE-2025-37904 - btrfs: fix the inode leak in btrfs_iget()
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix the inode leak in btrfs_iget() [BUG] There is a bug report that a syzbot reproducer can lead to the following busy inode at unmount time: BTRFS info (device loop1): last unmount of filesystem 1680000e-3c1e-4c46-84b6β¦
7.8
CVE-2025-37981 - scsi: smartpqi: Use is_kdump_kernel() to check for kdump
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use is_kdump_kernel() to check for kdump The smartpqi driver checks the reset_devices variable to determine whether special adjustments need to be made for kdump. This has the effect that after a regular kexec rebβ¦
7.1
CVE-2025-37973 - wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Currently during the multi-link element defragmentation process, the multi-link element length added to the total IEs length when calculating the β¦
5.5
CVE-2025-37971 - staging: bcm2835-camera: Initialise dev in v4l2_dev
In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2_dev Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state to vchiq_state") changed mmal_init to pass dev->v4l2_dev.dev to vchiq_mmal_init, however nothing iniitialised dβ¦
5.5
CVE-2025-37965 - drm/amd/display: Fix invalid context error in dml helper
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix invalid context error in dml helper [Why] "BUG: sleeping function called from invalid context" error. after: "drm/amd/display: Protect FPU in dml2_validate()/dml21_validate()" The populate_dml_plane_cfg_fromβ¦
5.5
CVE-2025-37956 - ksmbd: prevent rename with empty string
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from d_alloc. This patch return the error when attempting to rename a file or directory with an empty new nβ¦
5.5
CVE-2025-37955 - virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable()
In the Linux kernel, the following vulnerability has been resolved: virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable() The selftests added to our CI by Bui Quang Minh recently reveals that there is a mem leak on the error path of virtnet_xsk_pool_enable(): unreferenced object 0xfffβ¦