Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0743
Vulnerability from certfr_avis - Published: 2025-08-29 - Updated: 2025-08-29
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"initial_release_date": "2025-08-29T00:00:00",
"last_revision_date": "2025-08-29T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0743",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-08-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7711-1",
"url": "https://ubuntu.com/security/notices/USN-7711-1"
},
{
"published_at": "2025-08-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7719-1",
"url": "https://ubuntu.com/security/notices/USN-7719-1"
},
{
"published_at": "2025-08-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7712-1",
"url": "https://ubuntu.com/security/notices/USN-7712-1"
}
]
}
CVE-2025-37862 (GCVE-0-2025-37862)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:42 – Updated: 2026-05-11 21:16
VLAI
EPSS
Title
HID: pidff: Fix null pointer dereference in pidff_find_fields
Summary
In the Linux kernel, the following vulnerability has been resolved:
HID: pidff: Fix null pointer dereference in pidff_find_fields
This function triggered a null pointer dereference if used to search for
a report that isn't implemented on the device. This happened both for
optional and required reports alike.
The same logic was applied to pidff_find_special_field and although
pidff_init_fields should return an error earlier if one of the required
reports is missing, future modifications could change this logic and
resurface this possible null pointer dereference again.
LKML bug report:
https://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com
Severity
No CVSS data available.
Assigner
References
11 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
224ee88fe39564358ec99b46bf3ee6e6999ae17d , < 44a1b8b2027afbb37e418993fb23561bdb9efb38
(git)
Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < d230becb9d38b7325c5c38d051693e4c26b1829b (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < 6b4449e4f03326fbd2136e67bfcc1e6ffe61541d (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < ddb147885225d768025f6818df533d30edf3e102 (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < be706a48bb7896d4130edc82811233d1d62158e7 (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < f8f4d77710e1c38f4a2bd26c88c4878b5b5e817a (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < 3a507184f9307e19cb441b897c49e7843c94e56b (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < e368698da79af821f18c099520deab1219c2044b (git) Affected: 224ee88fe39564358ec99b46bf3ee6e6999ae17d , < 22a05462c3d0eee15154faf8d13c49e6295270a5 (git) |
|
| Linux | Linux |
Affected:
2.6.19
Unaffected: 0 , < 2.6.19 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:41.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/hid/usbhid/hid-pidff.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "44a1b8b2027afbb37e418993fb23561bdb9efb38",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "d230becb9d38b7325c5c38d051693e4c26b1829b",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "6b4449e4f03326fbd2136e67bfcc1e6ffe61541d",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "ddb147885225d768025f6818df533d30edf3e102",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "be706a48bb7896d4130edc82811233d1d62158e7",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "f8f4d77710e1c38f4a2bd26c88c4878b5b5e817a",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "3a507184f9307e19cb441b897c49e7843c94e56b",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "e368698da79af821f18c099520deab1219c2044b",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
},
{
"lessThan": "22a05462c3d0eee15154faf8d13c49e6295270a5",
"status": "affected",
"version": "224ee88fe39564358ec99b46bf3ee6e6999ae17d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/hid/usbhid/hid-pidff.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.19"
},
{
"lessThan": "2.6.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.293",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.24",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.293",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.24",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.12",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.3",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "2.6.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:16:32.976Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/44a1b8b2027afbb37e418993fb23561bdb9efb38"
},
{
"url": "https://git.kernel.org/stable/c/d230becb9d38b7325c5c38d051693e4c26b1829b"
},
{
"url": "https://git.kernel.org/stable/c/6b4449e4f03326fbd2136e67bfcc1e6ffe61541d"
},
{
"url": "https://git.kernel.org/stable/c/ddb147885225d768025f6818df533d30edf3e102"
},
{
"url": "https://git.kernel.org/stable/c/be706a48bb7896d4130edc82811233d1d62158e7"
},
{
"url": "https://git.kernel.org/stable/c/f8f4d77710e1c38f4a2bd26c88c4878b5b5e817a"
},
{
"url": "https://git.kernel.org/stable/c/3a507184f9307e19cb441b897c49e7843c94e56b"
},
{
"url": "https://git.kernel.org/stable/c/e368698da79af821f18c099520deab1219c2044b"
},
{
"url": "https://git.kernel.org/stable/c/22a05462c3d0eee15154faf8d13c49e6295270a5"
}
],
"title": "HID: pidff: Fix null pointer dereference in pidff_find_fields",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37862",
"datePublished": "2025-05-09T06:42:07.941Z",
"dateReserved": "2025-04-16T04:51:23.958Z",
"dateUpdated": "2026-05-11T21:16:32.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37867 (GCVE-0-2025-37867)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:43 – Updated: 2026-05-11 21:16
VLAI
EPSS
Title
RDMA/core: Silence oversized kvmalloc() warning
Summary
In the Linux kernel, the following vulnerability has been resolved:
RDMA/core: Silence oversized kvmalloc() warning
syzkaller triggered an oversized kvmalloc() warning.
Silence it by adding __GFP_NOWARN.
syzkaller log:
WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180
CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
RIP: 0010:__kvmalloc_node_noprof+0x175/0x180
RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246
RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b
RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002
RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000
R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000
R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000
FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
ib_umem_odp_get+0x1f6/0x390
mlx5_ib_reg_user_mr+0x1e8/0x450
ib_uverbs_reg_mr+0x28b/0x440
ib_uverbs_write+0x7d3/0xa30
vfs_write+0x1ac/0x6c0
ksys_write+0x134/0x170
? __sanitizer_cov_trace_pc+0x1c/0x50
do_syscall_64+0x50/0x110
entry_SYSCALL_64_after_hwframe+0x76/0x7e
Severity
No CVSS data available.
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < f94ac90ce7bd6f9266ad0d99044ed86e8d1416c1
(git)
Affected: 37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < 791daf8240cedf27af8794038ae1d32ef643bce6 (git) Affected: 37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < 6c588e9afbab240c921f936cb676dac72e2e2b66 (git) Affected: 37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < ae470d06320dea4002d441784d691f0a26b4322d (git) Affected: 37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < 0d81bb58a203ad5f4044dc18cfbc230c194f650a (git) Affected: 37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < f476eba25fdf70faa7b19a3e0fb00e65c5b53106 (git) Affected: 37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e , < 9a0e6f15029e1a8a21e40f06fd05aa52b7f063de (git) |
|
| Linux | Linux |
Affected:
5.4
Unaffected: 0 , < 5.4 (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.25 , ≤ 6.12.* (semver) Unaffected: 6.14.4 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:45.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/core/umem_odp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f94ac90ce7bd6f9266ad0d99044ed86e8d1416c1",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
},
{
"lessThan": "791daf8240cedf27af8794038ae1d32ef643bce6",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
},
{
"lessThan": "6c588e9afbab240c921f936cb676dac72e2e2b66",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
},
{
"lessThan": "ae470d06320dea4002d441784d691f0a26b4322d",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
},
{
"lessThan": "0d81bb58a203ad5f4044dc18cfbc230c194f650a",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
},
{
"lessThan": "f476eba25fdf70faa7b19a3e0fb00e65c5b53106",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
},
{
"lessThan": "9a0e6f15029e1a8a21e40f06fd05aa52b7f063de",
"status": "affected",
"version": "37824952dc8fcd96e5c5a1ce9abf3f0ba09b1e5e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/core/umem_odp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.25",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.25",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.4",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:16:38.667Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f94ac90ce7bd6f9266ad0d99044ed86e8d1416c1"
},
{
"url": "https://git.kernel.org/stable/c/791daf8240cedf27af8794038ae1d32ef643bce6"
},
{
"url": "https://git.kernel.org/stable/c/6c588e9afbab240c921f936cb676dac72e2e2b66"
},
{
"url": "https://git.kernel.org/stable/c/ae470d06320dea4002d441784d691f0a26b4322d"
},
{
"url": "https://git.kernel.org/stable/c/0d81bb58a203ad5f4044dc18cfbc230c194f650a"
},
{
"url": "https://git.kernel.org/stable/c/f476eba25fdf70faa7b19a3e0fb00e65c5b53106"
},
{
"url": "https://git.kernel.org/stable/c/9a0e6f15029e1a8a21e40f06fd05aa52b7f063de"
}
],
"title": "RDMA/core: Silence oversized kvmalloc() warning",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37867",
"datePublished": "2025-05-09T06:43:56.749Z",
"dateReserved": "2025-04-16T04:51:23.959Z",
"dateUpdated": "2026-05-11T21:16:38.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37871 (GCVE-0-2025-37871)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:43 – Updated: 2026-05-23 15:58
VLAI
EPSS
Title
nfsd: decrease sc_count directly if fail to queue dl_recall
Summary
In the Linux kernel, the following vulnerability has been resolved:
nfsd: decrease sc_count directly if fail to queue dl_recall
A deadlock warning occurred when invoking nfs4_put_stid following a failed
dl_recall queue operation:
T1 T2
nfs4_laundromat
nfs4_get_client_reaplist
nfs4_anylock_blockers
__break_lease
spin_lock // ctx->flc_lock
spin_lock // clp->cl_lock
nfs4_lockowner_has_blockers
locks_owner_has_blockers
spin_lock // flctx->flc_lock
nfsd_break_deleg_cb
nfsd_break_one_deleg
nfs4_put_stid
refcount_dec_and_lock
spin_lock // clp->cl_lock
When a file is opened, an nfs4_delegation is allocated with sc_count
initialized to 1, and the file_lease holds a reference to the delegation.
The file_lease is then associated with the file through kernel_setlease.
The disassociation is performed in nfsd4_delegreturn via the following
call chain:
nfsd4_delegreturn --> destroy_delegation --> destroy_unhashed_deleg -->
nfs4_unlock_deleg_lease --> kernel_setlease --> generic_delete_lease
The corresponding sc_count reference will be released after this
disassociation.
Since nfsd_break_one_deleg executes while holding the flc_lock, the
disassociation process becomes blocked when attempting to acquire flc_lock
in generic_delete_lease. This means:
1) sc_count in nfsd_break_one_deleg will not be decremented to 0;
2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to
acquire cl_lock;
3) Consequently, no deadlock condition is created.
Given that sc_count in nfsd_break_one_deleg remains non-zero, we can
safely perform refcount_dec on sc_count directly. This approach
effectively avoids triggering deadlock warnings.
Severity
No CVSS data available.
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
b874cdef4e67e5150e07eff0eae1cbb21fb92da1 , < b9bbe8f9d5663311d06667ce36d6ed255ead1a26
(git)
Affected: cdb796137c57e68ca34518d53be53b679351eb86 , < a70832d3555987035fc430ccd703acd89393eadb (git) Affected: d96587cc93ec369031bcd7658c6adc719873c9fd , < ba903539fff745d592d893c71b30e5e268a95413 (git) Affected: 9a81cde8c7ce65dd90fb47ceea93a45fc1a2fbd1 , < 7d192e27a431026c58d60edf66dc6cd98d0c01fc (git) Affected: cad3479b63661a399c9df1d0b759e1806e2df3c8 , < a7fce086f6ca84db409b9d58493ea77c1978897c (git) Affected: 133f5e2a37ce08c82d24e8fba65e0a81deae4609 , < 14985d66b9b99c12995dd99d1c6c8dec4114c2a5 (git) Affected: 230ca758453c63bd38e4d9f4a21db698f7abada8 , < a1d14d931bf700c1025db8c46d6731aa5cf440f9 (git) Affected: 63b91c8ff4589f5263873b24c052447a28e10ef7 (git) Affected: 6.13.11 , < 6.14 (semver) |
|
| Linux | Linux |
Affected:
5.10.236 , < 5.10.237
(semver)
Affected: 5.15.180 , < 5.15.181 (semver) Affected: 6.1.134 , < 6.1.135 (semver) Affected: 6.6.87 , < 6.6.88 (semver) Affected: 6.12.23 , < 6.12.25 (semver) Affected: 6.14.2 , < 6.14.4 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:48.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nfsd/nfs4state.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b9bbe8f9d5663311d06667ce36d6ed255ead1a26",
"status": "affected",
"version": "b874cdef4e67e5150e07eff0eae1cbb21fb92da1",
"versionType": "git"
},
{
"lessThan": "a70832d3555987035fc430ccd703acd89393eadb",
"status": "affected",
"version": "cdb796137c57e68ca34518d53be53b679351eb86",
"versionType": "git"
},
{
"lessThan": "ba903539fff745d592d893c71b30e5e268a95413",
"status": "affected",
"version": "d96587cc93ec369031bcd7658c6adc719873c9fd",
"versionType": "git"
},
{
"lessThan": "7d192e27a431026c58d60edf66dc6cd98d0c01fc",
"status": "affected",
"version": "9a81cde8c7ce65dd90fb47ceea93a45fc1a2fbd1",
"versionType": "git"
},
{
"lessThan": "a7fce086f6ca84db409b9d58493ea77c1978897c",
"status": "affected",
"version": "cad3479b63661a399c9df1d0b759e1806e2df3c8",
"versionType": "git"
},
{
"lessThan": "14985d66b9b99c12995dd99d1c6c8dec4114c2a5",
"status": "affected",
"version": "133f5e2a37ce08c82d24e8fba65e0a81deae4609",
"versionType": "git"
},
{
"lessThan": "a1d14d931bf700c1025db8c46d6731aa5cf440f9",
"status": "affected",
"version": "230ca758453c63bd38e4d9f4a21db698f7abada8",
"versionType": "git"
},
{
"status": "affected",
"version": "63b91c8ff4589f5263873b24c052447a28e10ef7",
"versionType": "git"
},
{
"lessThan": "6.14",
"status": "affected",
"version": "6.13.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/nfsd/nfs4state.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5.10.237",
"status": "affected",
"version": "5.10.236",
"versionType": "semver"
},
{
"lessThan": "5.15.181",
"status": "affected",
"version": "5.15.180",
"versionType": "semver"
},
{
"lessThan": "6.1.135",
"status": "affected",
"version": "6.1.134",
"versionType": "semver"
},
{
"lessThan": "6.6.88",
"status": "affected",
"version": "6.6.87",
"versionType": "semver"
},
{
"lessThan": "6.12.25",
"status": "affected",
"version": "6.12.23",
"versionType": "semver"
},
{
"lessThan": "6.14.4",
"status": "affected",
"version": "6.14.2",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "5.10.236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "5.15.180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "6.1.134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "6.6.87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.25",
"versionStartIncluding": "6.12.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.4",
"versionStartIncluding": "6.14.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.13.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:58:29.441Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b9bbe8f9d5663311d06667ce36d6ed255ead1a26"
},
{
"url": "https://git.kernel.org/stable/c/a70832d3555987035fc430ccd703acd89393eadb"
},
{
"url": "https://git.kernel.org/stable/c/ba903539fff745d592d893c71b30e5e268a95413"
},
{
"url": "https://git.kernel.org/stable/c/7d192e27a431026c58d60edf66dc6cd98d0c01fc"
},
{
"url": "https://git.kernel.org/stable/c/a7fce086f6ca84db409b9d58493ea77c1978897c"
},
{
"url": "https://git.kernel.org/stable/c/14985d66b9b99c12995dd99d1c6c8dec4114c2a5"
},
{
"url": "https://git.kernel.org/stable/c/a1d14d931bf700c1025db8c46d6731aa5cf440f9"
}
],
"title": "nfsd: decrease sc_count directly if fail to queue dl_recall",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37871",
"datePublished": "2025-05-09T06:43:59.720Z",
"dateReserved": "2025-04-16T04:51:23.959Z",
"dateUpdated": "2026-05-23T15:58:29.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37875 (GCVE-0-2025-37875)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:44 – Updated: 2026-05-11 21:16
VLAI
EPSS
Title
igc: fix PTM cycle trigger logic
Summary
In the Linux kernel, the following vulnerability has been resolved:
igc: fix PTM cycle trigger logic
Writing to clear the PTM status 'valid' bit while the PTM cycle is
triggered results in unreliable PTM operation. To fix this, clear the
PTM 'trigger' and status after each PTM transaction.
The issue can be reproduced with the following:
$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m
Note: 1000 Hz (-R 1000) is unrealistically large, but provides a way to
quickly reproduce the issue.
PHC2SYS exits with:
"ioctl PTP_OFFSET_PRECISE: Connection timed out" when the PTM transaction
fails
This patch also fixes a hang in igc_probe() when loading the igc
driver in the kdump kernel on systems supporting PTM.
The igc driver running in the base kernel enables PTM trigger in
igc_probe(). Therefore the driver is always in PTM trigger mode,
except in brief periods when manually triggering a PTM cycle.
When a crash occurs, the NIC is reset while PTM trigger is enabled.
Due to a hardware problem, the NIC is subsequently in a bad busmaster
state and doesn't handle register reads/writes. When running
igc_probe() in the kdump kernel, the first register access to a NIC
register hangs driver probing and ultimately breaks kdump.
With this patch, igc has PTM trigger disabled most of the time,
and the trigger is only enabled for very brief (10 - 100 us) periods
when manually triggering a PTM cycle. Chances that a crash occurs
during a PTM trigger are not 0, but extremely reduced.
Severity
No CVSS data available.
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
a90ec84837325df4b9a6798c2cc0df202b5680bd , < c1f174edaccc5a00f8e218c42a0aa9156efd5f76
(git)
Affected: a90ec84837325df4b9a6798c2cc0df202b5680bd , < 0c03e4fbe1321697d9d04587e21e416705e1b19f (git) Affected: a90ec84837325df4b9a6798c2cc0df202b5680bd , < 16194ca3f3b4448a062650c869a7b3b206c6f5d3 (git) Affected: a90ec84837325df4b9a6798c2cc0df202b5680bd , < f3516229cd12dcd45f23ed01adab17e8772b1bd5 (git) Affected: a90ec84837325df4b9a6798c2cc0df202b5680bd , < 31959e06143692f7e02b8eef7d7d6ac645637906 (git) Affected: a90ec84837325df4b9a6798c2cc0df202b5680bd , < 8e404ad95d2c10c261e2ef6992c7c12dde03df0e (git) |
|
| Linux | Linux |
Affected:
5.15
Unaffected: 0 , < 5.15 (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.25 , ≤ 6.12.* (semver) Unaffected: 6.14.4 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:49.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/igc/igc_defines.h",
"drivers/net/ethernet/intel/igc/igc_ptp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c1f174edaccc5a00f8e218c42a0aa9156efd5f76",
"status": "affected",
"version": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"versionType": "git"
},
{
"lessThan": "0c03e4fbe1321697d9d04587e21e416705e1b19f",
"status": "affected",
"version": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"versionType": "git"
},
{
"lessThan": "16194ca3f3b4448a062650c869a7b3b206c6f5d3",
"status": "affected",
"version": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"versionType": "git"
},
{
"lessThan": "f3516229cd12dcd45f23ed01adab17e8772b1bd5",
"status": "affected",
"version": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"versionType": "git"
},
{
"lessThan": "31959e06143692f7e02b8eef7d7d6ac645637906",
"status": "affected",
"version": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"versionType": "git"
},
{
"lessThan": "8e404ad95d2c10c261e2ef6992c7c12dde03df0e",
"status": "affected",
"version": "a90ec84837325df4b9a6798c2cc0df202b5680bd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/igc/igc_defines.h",
"drivers/net/ethernet/intel/igc/igc_ptp.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.15"
},
{
"lessThan": "5.15",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.25",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.25",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.4",
"versionStartIncluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:16:48.077Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c1f174edaccc5a00f8e218c42a0aa9156efd5f76"
},
{
"url": "https://git.kernel.org/stable/c/0c03e4fbe1321697d9d04587e21e416705e1b19f"
},
{
"url": "https://git.kernel.org/stable/c/16194ca3f3b4448a062650c869a7b3b206c6f5d3"
},
{
"url": "https://git.kernel.org/stable/c/f3516229cd12dcd45f23ed01adab17e8772b1bd5"
},
{
"url": "https://git.kernel.org/stable/c/31959e06143692f7e02b8eef7d7d6ac645637906"
},
{
"url": "https://git.kernel.org/stable/c/8e404ad95d2c10c261e2ef6992c7c12dde03df0e"
}
],
"title": "igc: fix PTM cycle trigger logic",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37875",
"datePublished": "2025-05-09T06:44:03.368Z",
"dateReserved": "2025-04-16T04:51:23.960Z",
"dateUpdated": "2026-05-11T21:16:48.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37881 (GCVE-0-2025-37881)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:45 – Updated: 2026-05-11 21:16
VLAI
EPSS
Title
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
Summary
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
The variable d->name, returned by devm_kasprintf(), could be NULL.
A pointer check is added to prevent potential NULL pointer dereference.
This is similar to the fix in commit 3027e7b15b02
("ice: Fix some null pointer dereference issues in ice_ptp.c").
This issue is found by our static analysis tool
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < a777ccfb9ba8d43f745e41b69ba39d4a506a081e
(git)
Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < c8d4faf452a627f9b09c3a5c366133a19e5b7a28 (git) Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < d26a6093d52904cacdbb75424c323c19b443a890 (git) Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < 36d68151712e525450f0fbb3045e7110f0d9b610 (git) Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < cfa7984f69359761b07a7831c1258c0fde1e0389 (git) Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < 052fb65335befeae8500e88d69ea022266baaf6d (git) Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < 61006ca381b4d65d2b8ca695ea8da1ce18d6dee3 (git) Affected: 7ecca2a4080cb6b1fa174adc588fce9e9014c43c , < 8c75f3e6a433d92084ad4e78b029ae680865420f (git) |
|
| Linux | Linux |
Affected:
4.18
Unaffected: 0 , < 4.18 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.136 , ≤ 6.1.* (semver) Unaffected: 6.6.89 , ≤ 6.6.* (semver) Unaffected: 6.12.26 , ≤ 6.12.* (semver) Unaffected: 6.14.5 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:53.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/gadget/udc/aspeed-vhub/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a777ccfb9ba8d43f745e41b69ba39d4a506a081e",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "c8d4faf452a627f9b09c3a5c366133a19e5b7a28",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "d26a6093d52904cacdbb75424c323c19b443a890",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "36d68151712e525450f0fbb3045e7110f0d9b610",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "cfa7984f69359761b07a7831c1258c0fde1e0389",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "052fb65335befeae8500e88d69ea022266baaf6d",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "61006ca381b4d65d2b8ca695ea8da1ce18d6dee3",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
},
{
"lessThan": "8c75f3e6a433d92084ad4e78b029ae680865420f",
"status": "affected",
"version": "7ecca2a4080cb6b1fa174adc588fce9e9014c43c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/usb/gadget/udc/aspeed-vhub/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.18"
},
{
"lessThan": "4.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.293",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.136",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.89",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.26",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.293",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.136",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.89",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.26",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.5",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:16:55.201Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a777ccfb9ba8d43f745e41b69ba39d4a506a081e"
},
{
"url": "https://git.kernel.org/stable/c/c8d4faf452a627f9b09c3a5c366133a19e5b7a28"
},
{
"url": "https://git.kernel.org/stable/c/d26a6093d52904cacdbb75424c323c19b443a890"
},
{
"url": "https://git.kernel.org/stable/c/36d68151712e525450f0fbb3045e7110f0d9b610"
},
{
"url": "https://git.kernel.org/stable/c/cfa7984f69359761b07a7831c1258c0fde1e0389"
},
{
"url": "https://git.kernel.org/stable/c/052fb65335befeae8500e88d69ea022266baaf6d"
},
{
"url": "https://git.kernel.org/stable/c/61006ca381b4d65d2b8ca695ea8da1ce18d6dee3"
},
{
"url": "https://git.kernel.org/stable/c/8c75f3e6a433d92084ad4e78b029ae680865420f"
}
],
"title": "usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37881",
"datePublished": "2025-05-09T06:45:45.205Z",
"dateReserved": "2025-04-16T04:51:23.962Z",
"dateUpdated": "2026-05-11T21:16:55.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37883 (GCVE-0-2025-37883)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:45 – Updated: 2026-05-11 21:16
VLAI
EPSS
Title
s390/sclp: Add check for get_zeroed_page()
Summary
In the Linux kernel, the following vulnerability has been resolved:
s390/sclp: Add check for get_zeroed_page()
Add check for the return value of get_zeroed_page() in
sclp_console_init() to prevent null pointer dereference.
Furthermore, to solve the memory leak caused by the loop
allocation, add a free helper to do the free job.
Severity
No CVSS data available.
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
4c8f4794b61e89dd68f96cfc23a9d9b6c25be420 , < e1e00dc45648125ef7cb87ebc3b581ac224e7b39
(git)
Affected: 4c8f4794b61e89dd68f96cfc23a9d9b6c25be420 , < 397254706eba9d8f99fd237feede7ab3169a7f9a (git) Affected: 4c8f4794b61e89dd68f96cfc23a9d9b6c25be420 , < 28e5a867aa542e369e211c2baba7044228809a99 (git) Affected: 4c8f4794b61e89dd68f96cfc23a9d9b6c25be420 , < 3b3aa72636a6205933609ec274a8747720c1ee3f (git) Affected: 4c8f4794b61e89dd68f96cfc23a9d9b6c25be420 , < f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb (git) Affected: 4c8f4794b61e89dd68f96cfc23a9d9b6c25be420 , < 3db42c75a921854a99db0a2775814fef97415bac (git) |
|
| Linux | Linux |
Affected:
2.6.31
Unaffected: 0 , < 2.6.31 (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.136 , ≤ 6.1.* (semver) Unaffected: 6.6.89 , ≤ 6.6.* (semver) Unaffected: 6.12.26 , ≤ 6.12.* (semver) Unaffected: 6.14.5 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:55.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/s390/char/sclp_con.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e1e00dc45648125ef7cb87ebc3b581ac224e7b39",
"status": "affected",
"version": "4c8f4794b61e89dd68f96cfc23a9d9b6c25be420",
"versionType": "git"
},
{
"lessThan": "397254706eba9d8f99fd237feede7ab3169a7f9a",
"status": "affected",
"version": "4c8f4794b61e89dd68f96cfc23a9d9b6c25be420",
"versionType": "git"
},
{
"lessThan": "28e5a867aa542e369e211c2baba7044228809a99",
"status": "affected",
"version": "4c8f4794b61e89dd68f96cfc23a9d9b6c25be420",
"versionType": "git"
},
{
"lessThan": "3b3aa72636a6205933609ec274a8747720c1ee3f",
"status": "affected",
"version": "4c8f4794b61e89dd68f96cfc23a9d9b6c25be420",
"versionType": "git"
},
{
"lessThan": "f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb",
"status": "affected",
"version": "4c8f4794b61e89dd68f96cfc23a9d9b6c25be420",
"versionType": "git"
},
{
"lessThan": "3db42c75a921854a99db0a2775814fef97415bac",
"status": "affected",
"version": "4c8f4794b61e89dd68f96cfc23a9d9b6c25be420",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/s390/char/sclp_con.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.31"
},
{
"lessThan": "2.6.31",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.136",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.89",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.26",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "2.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.136",
"versionStartIncluding": "2.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.89",
"versionStartIncluding": "2.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.26",
"versionStartIncluding": "2.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.5",
"versionStartIncluding": "2.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "2.6.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Add check for get_zeroed_page()\n\nAdd check for the return value of get_zeroed_page() in\nsclp_console_init() to prevent null pointer dereference.\nFurthermore, to solve the memory leak caused by the loop\nallocation, add a free helper to do the free job."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:16:57.446Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e1e00dc45648125ef7cb87ebc3b581ac224e7b39"
},
{
"url": "https://git.kernel.org/stable/c/397254706eba9d8f99fd237feede7ab3169a7f9a"
},
{
"url": "https://git.kernel.org/stable/c/28e5a867aa542e369e211c2baba7044228809a99"
},
{
"url": "https://git.kernel.org/stable/c/3b3aa72636a6205933609ec274a8747720c1ee3f"
},
{
"url": "https://git.kernel.org/stable/c/f69f8a93aacf6e99af7b1cc992d8ca2cc07b96fb"
},
{
"url": "https://git.kernel.org/stable/c/3db42c75a921854a99db0a2775814fef97415bac"
}
],
"title": "s390/sclp: Add check for get_zeroed_page()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37883",
"datePublished": "2025-05-09T06:45:46.716Z",
"dateReserved": "2025-04-16T04:51:23.962Z",
"dateUpdated": "2026-05-11T21:16:57.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37885 (GCVE-0-2025-37885)
Vulnerability from cvelistv5 – Published: 2025-05-09 06:45 – Updated: 2026-05-11 21:16
VLAI
EPSS
Title
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Summary
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Restore an IRTE back to host control (remapped or posted MSI mode) if the
*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of
the GSI routing type. Updating the IRTE if and only if the new GSI is an
MSI results in KVM leaving an IRTE posting to a vCPU.
The dangling IRTE can result in interrupts being incorrectly delivered to
the guest, and in the worst case scenario can result in use-after-free,
e.g. if the VM is torn down, but the underlying host IRQ isn't freed.
Severity
No CVSS data available.
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
efc644048ecde54f016011fe10110addd0de348f , < e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769
(git)
Affected: efc644048ecde54f016011fe10110addd0de348f , < 116c7d35b8f72eac383b9fd371d7c1a8ffc2968b (git) Affected: efc644048ecde54f016011fe10110addd0de348f , < 023816bd5fa46fab94d1e7917fe131b79ed1fb41 (git) Affected: efc644048ecde54f016011fe10110addd0de348f , < 3481fd96d801715942b6f69fe251133128156f30 (git) Affected: efc644048ecde54f016011fe10110addd0de348f , < b5de7ac74f69603ad803c524b840bffd36368fc3 (git) Affected: efc644048ecde54f016011fe10110addd0de348f , < 3066ec21d1a33896125747f68638725f456308db (git) Affected: efc644048ecde54f016011fe10110addd0de348f , < 9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2 (git) |
|
| Linux | Linux |
Affected:
4.4
Unaffected: 0 , < 4.4 (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.136 , ≤ 6.1.* (semver) Unaffected: 6.6.89 , ≤ 6.6.* (semver) Unaffected: 6.12.26 , ≤ 6.12.* (semver) Unaffected: 6.14.5 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:56:59.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/svm/avic.c",
"arch/x86/kvm/vmx/posted_intr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
},
{
"lessThan": "116c7d35b8f72eac383b9fd371d7c1a8ffc2968b",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
},
{
"lessThan": "023816bd5fa46fab94d1e7917fe131b79ed1fb41",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
},
{
"lessThan": "3481fd96d801715942b6f69fe251133128156f30",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
},
{
"lessThan": "b5de7ac74f69603ad803c524b840bffd36368fc3",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
},
{
"lessThan": "3066ec21d1a33896125747f68638725f456308db",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
},
{
"lessThan": "9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2",
"status": "affected",
"version": "efc644048ecde54f016011fe10110addd0de348f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kvm/svm/avic.c",
"arch/x86/kvm/vmx/posted_intr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.4"
},
{
"lessThan": "4.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.136",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.89",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.26",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.136",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.89",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.26",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.5",
"versionStartIncluding": "4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:16:59.731Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769"
},
{
"url": "https://git.kernel.org/stable/c/116c7d35b8f72eac383b9fd371d7c1a8ffc2968b"
},
{
"url": "https://git.kernel.org/stable/c/023816bd5fa46fab94d1e7917fe131b79ed1fb41"
},
{
"url": "https://git.kernel.org/stable/c/3481fd96d801715942b6f69fe251133128156f30"
},
{
"url": "https://git.kernel.org/stable/c/b5de7ac74f69603ad803c524b840bffd36368fc3"
},
{
"url": "https://git.kernel.org/stable/c/3066ec21d1a33896125747f68638725f456308db"
},
{
"url": "https://git.kernel.org/stable/c/9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2"
}
],
"title": "KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37885",
"datePublished": "2025-05-09T06:45:48.150Z",
"dateReserved": "2025-04-16T04:51:23.963Z",
"dateUpdated": "2026-05-11T21:16:59.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37890 (GCVE-0-2025-37890)
Vulnerability from cvelistv5 – Published: 2025-05-16 13:01 – Updated: 2026-06-11 18:44
VLAI
EPSS
Title
net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
Summary
In the Linux kernel, the following vulnerability has been resolved:
net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
As described in Gerrard's report [1], we have a UAF case when an hfsc class
has a netem child qdisc. The crux of the issue is that hfsc is assuming
that checking for cl->qdisc->q.qlen == 0 guarantees that it hasn't inserted
the class in the vttree or eltree (which is not true for the netem
duplicate case).
This patch checks the n_active class variable to make sure that the code
won't insert the class in the vttree or eltree twice, catering for the
reentrant case.
[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 273bbcfa53541cde38b2003ad88a59b770306421
(git)
Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < e0cf8ee23e1915431f262a7b2dee0c7a7d699af0 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < e3e949a39a91d1f829a4890e7dfe9417ac72e4d0 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 8df7d37d626430035b413b97cee18396b3450bef (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 6082a87af4c52f58150d40dec1716011d871ac21 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 2e7093c7a8aba5d4f8809f271488e5babe75e202 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < ac39fd4a757584d78ed062d4f6fd913f83bd98b5 (git) Affected: 37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea , < 141d34391abbb315d68556b7c67ad97885407547 (git) |
|
| Linux | Linux |
Affected:
5.0
Unaffected: 0 , < 5.0 (semver) Unaffected: 5.4.294 , ≤ 5.4.* (semver) Unaffected: 5.10.238 , ≤ 5.10.* (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:02.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37890",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T20:42:08.844756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T18:44:19.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_hfsc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "273bbcfa53541cde38b2003ad88a59b770306421",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "e0cf8ee23e1915431f262a7b2dee0c7a7d699af0",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "e3e949a39a91d1f829a4890e7dfe9417ac72e4d0",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "8df7d37d626430035b413b97cee18396b3450bef",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "6082a87af4c52f58150d40dec1716011d871ac21",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "2e7093c7a8aba5d4f8809f271488e5babe75e202",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "ac39fd4a757584d78ed062d4f6fd913f83bd98b5",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
},
{
"lessThan": "141d34391abbb315d68556b7c67ad97885407547",
"status": "affected",
"version": "37d9cf1a3ce35de3df6f7d209bfb1f50cf188cea",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_hfsc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"lessThan": "5.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.294",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.294",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.238",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:06.552Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/273bbcfa53541cde38b2003ad88a59b770306421"
},
{
"url": "https://git.kernel.org/stable/c/e0cf8ee23e1915431f262a7b2dee0c7a7d699af0"
},
{
"url": "https://git.kernel.org/stable/c/e3e949a39a91d1f829a4890e7dfe9417ac72e4d0"
},
{
"url": "https://git.kernel.org/stable/c/8df7d37d626430035b413b97cee18396b3450bef"
},
{
"url": "https://git.kernel.org/stable/c/6082a87af4c52f58150d40dec1716011d871ac21"
},
{
"url": "https://git.kernel.org/stable/c/2e7093c7a8aba5d4f8809f271488e5babe75e202"
},
{
"url": "https://git.kernel.org/stable/c/ac39fd4a757584d78ed062d4f6fd913f83bd98b5"
},
{
"url": "https://git.kernel.org/stable/c/141d34391abbb315d68556b7c67ad97885407547"
}
],
"title": "net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37890",
"datePublished": "2025-05-16T13:01:12.798Z",
"dateReserved": "2025-04-16T04:51:23.963Z",
"dateUpdated": "2026-06-11T18:44:19.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37892 (GCVE-0-2025-37892)
Vulnerability from cvelistv5 – Published: 2025-05-20 11:00 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
mtd: inftlcore: Add error check for inftl_read_oob()
Summary
In the Linux kernel, the following vulnerability has been resolved:
mtd: inftlcore: Add error check for inftl_read_oob()
In INFTL_findwriteunit(), the return value of inftl_read_oob()
need to be checked. A proper implementation can be
found in INFTL_deleteblock(). The status will be set as
SECTOR_IGNORE to break from the while-loop correctly
if the inftl_read_oob() fails.
Severity
No CVSS data available.
Assigner
References
10 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
8593fbc68b0df1168995de76d1af38eb62fd6b62 , < b828d394308e8e00df0a6f57e7dabae609bb8b7b
(git)
Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < 0300e751170cf80c05ca1a762a7b449e8ca6b693 (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < 6af3b92b1c0b58ca281d0e1501bad2567f73c1a5 (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < 7772621041ee78823ccc5f1fe38f6faa22af7023 (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < 5479a6af3c96f73bec2d2819532b6d6814f52dd6 (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < 1c22356dfb041e5292835c9ff44d5f91bef8dd18 (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < 114d94f095aa405fa9a51484c4be34846d7bb386 (git) Affected: 8593fbc68b0df1168995de76d1af38eb62fd6b62 , < d027951dc85cb2e15924c980dc22a6754d100c7c (git) |
|
| Linux | Linux |
Affected:
2.6.18
Unaffected: 0 , < 2.6.18 (semver) Unaffected: 5.4.293 , ≤ 5.4.* (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.135 , ≤ 6.1.* (semver) Unaffected: 6.6.88 , ≤ 6.6.* (semver) Unaffected: 6.12.24 , ≤ 6.12.* (semver) Unaffected: 6.13.12 , ≤ 6.13.* (semver) Unaffected: 6.14.3 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:03.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/mtd/inftlcore.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b828d394308e8e00df0a6f57e7dabae609bb8b7b",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "0300e751170cf80c05ca1a762a7b449e8ca6b693",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "6af3b92b1c0b58ca281d0e1501bad2567f73c1a5",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "7772621041ee78823ccc5f1fe38f6faa22af7023",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "5479a6af3c96f73bec2d2819532b6d6814f52dd6",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "1c22356dfb041e5292835c9ff44d5f91bef8dd18",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "114d94f095aa405fa9a51484c4be34846d7bb386",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
},
{
"lessThan": "d027951dc85cb2e15924c980dc22a6754d100c7c",
"status": "affected",
"version": "8593fbc68b0df1168995de76d1af38eb62fd6b62",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/mtd/inftlcore.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.18"
},
{
"lessThan": "2.6.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.293",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.24",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.293",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.135",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.88",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.24",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.12",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.3",
"versionStartIncluding": "2.6.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "2.6.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:08.832Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b"
},
{
"url": "https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693"
},
{
"url": "https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e"
},
{
"url": "https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5"
},
{
"url": "https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023"
},
{
"url": "https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6"
},
{
"url": "https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18"
},
{
"url": "https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386"
},
{
"url": "https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c"
}
],
"title": "mtd: inftlcore: Add error check for inftl_read_oob()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37892",
"datePublished": "2025-05-20T11:00:26.977Z",
"dateReserved": "2025-04-16T04:51:23.964Z",
"dateUpdated": "2026-05-11T21:17:08.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37905 (GCVE-0-2025-37905)
Vulnerability from cvelistv5 – Published: 2025-05-20 15:21 – Updated: 2026-05-11 21:17
VLAI
EPSS
Title
firmware: arm_scmi: Balance device refcount when destroying devices
Summary
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Balance device refcount when destroying devices
Using device_find_child() to lookup the proper SCMI device to destroy
causes an unbalance in device refcount, since device_find_child() calls an
implicit get_device(): this, in turns, inhibits the call of the provided
release methods upon devices destruction.
As a consequence, one of the structures that is not freed properly upon
destruction is the internal struct device_private dev->p populated by the
drivers subsystem core.
KMemleak detects this situation since loading/unloding some SCMI driver
causes related devices to be created/destroyed without calling any
device_release method.
unreferenced object 0xffff00000f583800 (size 512):
comm "insmod", pid 227, jiffies 4294912190
hex dump (first 32 bytes):
00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......
backtrace (crc 114e2eed):
kmemleak_alloc+0xbc/0xd8
__kmalloc_cache_noprof+0x2dc/0x398
device_add+0x954/0x12d0
device_register+0x28/0x40
__scmi_device_create.part.0+0x1bc/0x380
scmi_device_create+0x2d0/0x390
scmi_create_protocol_devices+0x74/0xf8
scmi_device_request_notifier+0x1f8/0x2a8
notifier_call_chain+0x110/0x3b0
blocking_notifier_call_chain+0x70/0xb0
scmi_driver_register+0x350/0x7f0
0xffff80000a3b3038
do_one_initcall+0x12c/0x730
do_init_module+0x1dc/0x640
load_module+0x4b20/0x5b70
init_module_from_file+0xec/0x158
$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0
device_add+0x954/0x12d0:
kmalloc_noprof at include/linux/slab.h:901
(inlined by) kzalloc_noprof at include/linux/slab.h:1037
(inlined by) device_private_init at drivers/base/core.c:3510
(inlined by) device_add at drivers/base/core.c:3561
Balance device refcount by issuing a put_device() on devices found via
device_find_child().
Severity
No CVSS data available.
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
d4f9dddd21f39395c62ea12d3d91239637d4805f , < 91ff1e9652fb9beb0174267d6bb38243dff211bb
(git)
Affected: d4f9dddd21f39395c62ea12d3d91239637d4805f , < ff4273d47da81b95ed9396110bcbd1b7b7470fe8 (git) Affected: d4f9dddd21f39395c62ea12d3d91239637d4805f , < 2fbf6c9695ad9f05e7e5c166bf43fac7cb3276b3 (git) Affected: d4f9dddd21f39395c62ea12d3d91239637d4805f , < 969d8beaa2e374387bf9aa5602ef84fc50bb48d8 (git) Affected: d4f9dddd21f39395c62ea12d3d91239637d4805f , < 8a8a3547d5c4960da053df49c75bf623827a25da (git) Affected: d4f9dddd21f39395c62ea12d3d91239637d4805f , < 9ca67840c0ddf3f39407339624cef824a4f27599 (git) |
|
| Linux | Linux |
Affected:
5.13
Unaffected: 0 , < 5.13 (semver) Unaffected: 5.15.182 , ≤ 5.15.* (semver) Unaffected: 6.1.138 , ≤ 6.1.* (semver) Unaffected: 6.6.90 , ≤ 6.6.* (semver) Unaffected: 6.12.28 , ≤ 6.12.* (semver) Unaffected: 6.14.6 , ≤ 6.14.* (semver) Unaffected: 6.15 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:57:09.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/firmware/arm_scmi/bus.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "91ff1e9652fb9beb0174267d6bb38243dff211bb",
"status": "affected",
"version": "d4f9dddd21f39395c62ea12d3d91239637d4805f",
"versionType": "git"
},
{
"lessThan": "ff4273d47da81b95ed9396110bcbd1b7b7470fe8",
"status": "affected",
"version": "d4f9dddd21f39395c62ea12d3d91239637d4805f",
"versionType": "git"
},
{
"lessThan": "2fbf6c9695ad9f05e7e5c166bf43fac7cb3276b3",
"status": "affected",
"version": "d4f9dddd21f39395c62ea12d3d91239637d4805f",
"versionType": "git"
},
{
"lessThan": "969d8beaa2e374387bf9aa5602ef84fc50bb48d8",
"status": "affected",
"version": "d4f9dddd21f39395c62ea12d3d91239637d4805f",
"versionType": "git"
},
{
"lessThan": "8a8a3547d5c4960da053df49c75bf623827a25da",
"status": "affected",
"version": "d4f9dddd21f39395c62ea12d3d91239637d4805f",
"versionType": "git"
},
{
"lessThan": "9ca67840c0ddf3f39407339624cef824a4f27599",
"status": "affected",
"version": "d4f9dddd21f39395c62ea12d3d91239637d4805f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/firmware/arm_scmi/bus.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.182",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.138",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.90",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.28",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.14.*",
"status": "unaffected",
"version": "6.14.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.15",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.182",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.138",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.90",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.28",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14.6",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15",
"versionStartIncluding": "5.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child()."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:17:22.704Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/91ff1e9652fb9beb0174267d6bb38243dff211bb"
},
{
"url": "https://git.kernel.org/stable/c/ff4273d47da81b95ed9396110bcbd1b7b7470fe8"
},
{
"url": "https://git.kernel.org/stable/c/2fbf6c9695ad9f05e7e5c166bf43fac7cb3276b3"
},
{
"url": "https://git.kernel.org/stable/c/969d8beaa2e374387bf9aa5602ef84fc50bb48d8"
},
{
"url": "https://git.kernel.org/stable/c/8a8a3547d5c4960da053df49c75bf623827a25da"
},
{
"url": "https://git.kernel.org/stable/c/9ca67840c0ddf3f39407339624cef824a4f27599"
}
],
"title": "firmware: arm_scmi: Balance device refcount when destroying devices",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-37905",
"datePublished": "2025-05-20T15:21:38.890Z",
"dateReserved": "2025-04-16T04:51:23.966Z",
"dateUpdated": "2026-05-11T21:17:22.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…