| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-37087 | A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an att... | | |
| CVE-2025-37088 | A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Dependin... | | |
| CVE-2025-37089 | A command injection remote code execution vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37090 | A server-side request forgery vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37091 | A command injection remote code execution vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37092 | A command injection remote code execution vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37093 | An authentication bypass vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37094 | A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37095 | A directory traversal information disclosure vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37096 | A command injection remote code execution vulnerability exists in HPE StoreOnce Software.... | | |
| CVE-2025-37097 | A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticate... | E | |
| CVE-2025-37098 | A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.... | | |
| CVE-2025-37099 | A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.64... | | |
| CVE-2025-37100 | Exposure of Sensitive Information to an Unauthorized User in HPE Aruba Networking Private 5G Core | | |
| CVE-2025-37101 | HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege | | |
| CVE-2025-37102 | Authenticated Command Injection Vulnerability In Instant On Command Line Interface | | |
| CVE-2025-37103 | Hardcoded Credential Exposure Allows Unauthorized Access in Web Interface | | |
| CVE-2025-37730 | Logstash Improper Certificate Validation in TCP output | | |
| CVE-2025-37738 | ext4: ignore xattrs past end | | |
| CVE-2025-37739 | f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() | | |
| CVE-2025-37740 | jfs: add sanity check for agwidth in dbMount | | |
| CVE-2025-37741 | jfs: Prevent copying of nlink with value 0 from disk inode | | |
| CVE-2025-37742 | jfs: Fix uninit-value access of imap allocated in the diMount() function | | |
| CVE-2025-37743 | wifi: ath12k: Avoid memory leak while enabling statistics | | |
| CVE-2025-37744 | wifi: ath12k: fix memory leak in ath12k_pci_remove() | | |
| CVE-2025-37745 | PM: hibernate: Avoid deadlock in hibernate_compressor_param_set() | | |
| CVE-2025-37746 | perf/dwc_pcie: fix duplicate pci_dev devices | | |
| CVE-2025-37747 | perf: Fix hang while freeing sigtrap event | | |
| CVE-2025-37748 | iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group | | |
| CVE-2025-37749 | net: ppp: Add bound checking for skb data on ppp_sync_txmung | | |
| CVE-2025-37750 | smb: client: fix UAF in decryption with multichannel | | |
| CVE-2025-37751 | x86/cpu: Avoid running off the end of an AMD erratum table | | |
| CVE-2025-37752 | net_sched: sch_sfq: move the limit validation | | |
| CVE-2025-37753 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37754 | drm/i915/huc: Fix fence not released on early probe errors | | |
| CVE-2025-37755 | net: libwx: handle page_pool_dev_alloc_pages error | | |
| CVE-2025-37756 | net: tls: explicitly disallow disconnect | | |
| CVE-2025-37757 | tipc: fix memory leak in tipc_link_xmit | | |
| CVE-2025-37758 | ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() | | |
| CVE-2025-37759 | ublk: fix handling recovery & reissue in ublk_abort_queue() | | |
| CVE-2025-37760 | mm/vma: add give_up_on_oom option on modify/merge, use in uffd release | | |
| CVE-2025-37761 | drm/xe: Fix an out-of-bounds shift when invalidating TLB | | |
| CVE-2025-37762 | drm/virtio: Fix missed dmabuf unpinning in error path of prepare_fb() | | |
| CVE-2025-37763 | drm/imagination: take paired job reference | | |
| CVE-2025-37764 | drm/imagination: fix firmware memory leaks | | |
| CVE-2025-37765 | drm/nouveau: prime: fix ttm_bo_delayed_delete oops | | |
| CVE-2025-37766 | drm/amd/pm: Prevent division by zero | | |
| CVE-2025-37767 | drm/amd/pm: Prevent division by zero | | |
| CVE-2025-37768 | drm/amd/pm: Prevent division by zero | | |
| CVE-2025-37769 | drm/amd/pm/smu11: Prevent division by zero | | |
| CVE-2025-37770 | drm/amd/pm: Prevent division by zero | | |
| CVE-2025-37771 | drm/amd/pm: Prevent division by zero | | |
| CVE-2025-37772 | RDMA/cma: Fix workqueue crash in cma_netevent_work_handler | | |
| CVE-2025-37773 | virtiofs: add filesystem context source name check | | |
| CVE-2025-37774 | slab: ensure slab->obj_exts is clear in a newly allocated slab page | | |
| CVE-2025-37775 | ksmbd: fix the warning from __kernel_write_iter | | |
| CVE-2025-37776 | ksmbd: fix use-after-free in smb_break_all_levII_oplock() | | |
| CVE-2025-37777 | ksmbd: fix use-after-free in __smb2_lease_break_noti() | | |
| CVE-2025-37778 | ksmbd: Fix dangling pointer in krb_authenticate | | |
| CVE-2025-37779 | lib/iov_iter: fix to increase non slab folio refcount | | |
| CVE-2025-37780 | isofs: Prevent the use of too small fid | | |
| CVE-2025-37781 | i2c: cros-ec-tunnel: defer probe if parent EC is not present | | |
| CVE-2025-37782 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37783 | drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check | | |
| CVE-2025-37784 | net: ti: icss-iep: Fix possible NULL pointer dereference for perout request | | |
| CVE-2025-37785 | ext4: fix OOB read when checking dotdot dir | S | |
| CVE-2025-37786 | net: dsa: free routing table on probe failure | | |
| CVE-2025-37787 | net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered | | |
| CVE-2025-37788 | cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path | | |
| CVE-2025-37789 | net: openvswitch: fix nested key length validation in the set() action | | |
| CVE-2025-37790 | net: mctp: Set SOCK_RCU_FREE | | |
| CVE-2025-37791 | ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() | | |
| CVE-2025-37792 | Bluetooth: btrtl: Prevent potential NULL dereference | | |
| CVE-2025-37793 | ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() | | |
| CVE-2025-37794 | wifi: mac80211: Purge vif txq in ieee80211_do_stop() | | |
| CVE-2025-37795 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37796 | wifi: at76c50x: fix use after free access in at76_disconnect | | |
| CVE-2025-37797 | net_sched: hfsc: Fix a UAF vulnerability in class handling | | |
| CVE-2025-37798 | codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() | | |
| CVE-2025-37799 | vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp | | |
| CVE-2025-37800 | driver core: fix potential NULL pointer dereference in dev_uevent() | S | |
| CVE-2025-37801 | spi: spi-imx: Add check for spi_imx_setupxfer() | S | |
| CVE-2025-37802 | ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING" | S | |
| CVE-2025-37803 | udmabuf: fix a buf size overflow issue during udmabuf creation | S | |
| CVE-2025-37804 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37805 | sound/virtio: Fix cancel_sync warnings on uninitialized work_structs | S | |
| CVE-2025-37806 | fs/ntfs3: Keep write operations atomic | | |
| CVE-2025-37807 | bpf: Fix kmemleak warning for percpu hashmap | | |
| CVE-2025-37808 | crypto: null - Use spin lock instead of mutex | | |
| CVE-2025-37809 | usb: typec: class: Fix NULL pointer access | | |
| CVE-2025-37810 | usb: dwc3: gadget: check that event count does not exceed event buffer length | | |
| CVE-2025-37811 | usb: chipidea: ci_hdrc_imx: fix usbmisc handling | | |
| CVE-2025-37812 | usb: cdns3: Fix deadlock when using NCM gadget | | |
| CVE-2025-37813 | usb: xhci: Fix invalid pointer dereference in Etron workaround | | |
| CVE-2025-37814 | tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT | | |
| CVE-2025-37815 | misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration | | |
| CVE-2025-37816 | mei: vsc: Fix fortify-panic caused by invalid counted_by() use | | |
| CVE-2025-37817 | mcb: fix a double free bug in chameleon_parse_gdd() | | |
| CVE-2025-37818 | LoongArch: Return NULL from huge_pte_offset() for invalid PMD | | |
| CVE-2025-37819 | irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() | | |
| CVE-2025-37820 | xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() | | |
| CVE-2025-37821 | sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash | | |
| CVE-2025-37822 | riscv: uprobes: Add missing fence.i after building the XOL buffer | | |
| CVE-2025-37823 | net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too | | |
| CVE-2025-37824 | tipc: fix NULL pointer dereference in tipc_mon_reinit_self() | | |
| CVE-2025-37825 | nvmet: fix out-of-bounds access in nvmet_enable_port | | |
| CVE-2025-37826 | scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() | | |
| CVE-2025-37827 | btrfs: zoned: return EIO on RAID1 block group write pointer mismatch | | |
| CVE-2025-37828 | scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort() | | |
| CVE-2025-37829 | cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() | | |
| CVE-2025-37830 | cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() | | |
| CVE-2025-37831 | cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() | | |
| CVE-2025-37832 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37833 | net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads | | |
| CVE-2025-37834 | mm/vmscan: don't try to reclaim hwpoison folio | | |
| CVE-2025-37835 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37836 | PCI: Fix reference leak in pci_register_host_bridge() | | |
| CVE-2025-37837 | iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() | | |
| CVE-2025-37838 | HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition | S | |
| CVE-2025-37839 | jbd2: remove wrong sb->s_sequence check | | |
| CVE-2025-37840 | mtd: rawnand: brcmnand: fix PM resume warning | | |
| CVE-2025-37841 | pm: cpupower: bench: Prevent NULL dereference on malloc failure | | |
| CVE-2025-37842 | spi: fsl-qspi: use devm function instead of driver remove | | |
| CVE-2025-37843 | PCI: pciehp: Avoid unnecessary device replacement check | | |
| CVE-2025-37844 | cifs: avoid NULL pointer dereference in dbg call | | |
| CVE-2025-37845 | tracing: fprobe events: Fix possible UAF on modules | | |
| CVE-2025-37846 | arm64: mops: Do not dereference src reg for a set operation | | |
| CVE-2025-37847 | accel/ivpu: Fix deadlock in ivpu_ms_cleanup() | | |
| CVE-2025-37848 | accel/ivpu: Fix PM related deadlocks in MS IOCTLs | | |
| CVE-2025-37849 | KVM: arm64: Tear down vGIC on failed vCPU creation | | |
| CVE-2025-37850 | pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() | | |
| CVE-2025-37851 | fbdev: omapfb: Add 'plane' value check | | |
| CVE-2025-37852 | drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() | | |
| CVE-2025-37853 | drm/amdkfd: debugfs hang_hws skip GPU with MES | | |
| CVE-2025-37854 | drm/amdkfd: Fix mode1 reset crash issue | | |
| CVE-2025-37855 | drm/amd/display: Guard Possible Null Pointer Dereference | | |
| CVE-2025-37856 | btrfs: harden block_group::bg_list against list_del() races | | |
| CVE-2025-37857 | scsi: st: Fix array overflow in st_setup() | | |
| CVE-2025-37858 | fs/jfs: Prevent integer overflow in AG size calculation | | |
| CVE-2025-37859 | page_pool: avoid infinite loop to schedule delayed worker | | |
| CVE-2025-37860 | sfc: fix NULL dereferences in ef100_process_design_param() | S | |
| CVE-2025-37861 | scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue | | |
| CVE-2025-37862 | HID: pidff: Fix null pointer dereference in pidff_find_fields | | |
| CVE-2025-37863 | ovl: don't allow datadir only | | |
| CVE-2025-37864 | net: dsa: clean up FDB, MDB, VLAN entries on unbind | | |
| CVE-2025-37865 | net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported | | |
| CVE-2025-37866 | mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show() | | |
| CVE-2025-37867 | RDMA/core: Silence oversized kvmalloc() warning | | |
| CVE-2025-37868 | drm/xe/userptr: fix notifier vs folio deadlock | | |
| CVE-2025-37869 | drm/xe: Use local fence in error path of xe_migrate_clear | | |
| CVE-2025-37870 | drm/amd/display: prevent hang on link training fail | | |
| CVE-2025-37871 | nfsd: decrease sc_count directly if fail to queue dl_recall | | |
| CVE-2025-37872 | net: txgbe: fix memory leak in txgbe_probe() error path | | |
| CVE-2025-37873 | eth: bnxt: fix missing ring index trim on error path | | |
| CVE-2025-37874 | net: ngbe: fix memory leak in ngbe_probe() error path | | |
| CVE-2025-37875 | igc: fix PTM cycle trigger logic | | |
| CVE-2025-37876 | netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS | | |
| CVE-2025-37877 | iommu: Clear iommu-dma ops on cleanup | | |
| CVE-2025-37878 | perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init | | |
| CVE-2025-37879 | 9p/net: fix improper handling of bogus negative read/write replies | | |
| CVE-2025-37880 | um: work around sched_yield not yielding in time-travel mode | | |
| CVE-2025-37881 | usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() | | |
| CVE-2025-37882 | usb: xhci: Fix isochronous Ring Underrun/Overrun event handling | | |
| CVE-2025-37883 | s390/sclp: Add check for get_zeroed_page() | | |
| CVE-2025-37884 | bpf: Fix deadlock between rcu_tasks_trace and event_mutex. | | |
| CVE-2025-37885 | KVM: x86: Reset IRTE to host control if *new* route isn't postable | | |
| CVE-2025-37886 | pds_core: make wait_context part of q_info | | |
| CVE-2025-37887 | pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result | | |
| CVE-2025-37888 | net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() | | |
| CVE-2025-37889 | ASoC: ops: Consistently treat platform_max as control value | | |
| CVE-2025-37890 | net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc | | |
| CVE-2025-37891 | ALSA: ump: Fix buffer overflow at UMP SysEx message conversion | | |
| CVE-2025-37892 | mtd: inftlcore: Add error check for inftl_read_oob() | | |
| CVE-2025-37893 | LoongArch: BPF: Fix off-by-one error in build_prologue() | S | |
| CVE-2025-37894 | net: use sock_gen_put() when sk_state is TCP_TIME_WAIT | | |
| CVE-2025-37895 | bnxt_en: Fix error handling path in bnxt_init_chip() | | |
| CVE-2025-37896 | spi: spi-mem: Add fix to avoid divide error | | |
| CVE-2025-37897 | wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release | | |
| CVE-2025-37898 | powerpc64/ftrace: fix module loading without patchable function entries | | |
| CVE-2025-37899 | ksmbd: fix use-after-free in session logoff | | |
| CVE-2025-37900 | iommu: Fix two issues in iommu_copy_struct_from_user() | | |
| CVE-2025-37901 | irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs | | |
| CVE-2025-37902 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37903 | drm/amd/display: Fix slab-use-after-free in hdcp | | |
| CVE-2025-37904 | btrfs: fix the inode leak in btrfs_iget() | | |
| CVE-2025-37905 | firmware: arm_scmi: Balance device refcount when destroying devices | | |
| CVE-2025-37906 | ublk: fix race between io_uring_cmd_complete_in_task and ublk_cancel_cmd | | |
| CVE-2025-37907 | accel/ivpu: Fix locking order in ivpu_job_submit | | |
| CVE-2025-37908 | mm, slab: clean up slab->obj_exts always | | |
| CVE-2025-37909 | net: lan743x: Fix memleak issue when GSO enabled | | |
| CVE-2025-37910 | ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations | | |
| CVE-2025-37911 | bnxt_en: Fix out-of-bound memcpy() during ethtool -w | | |
| CVE-2025-37912 | ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() | | |
| CVE-2025-37913 | net_sched: qfq: Fix double list add in class with netem as child qdisc | | |
| CVE-2025-37914 | net_sched: ets: Fix double list add in class with netem as child qdisc | | |
| CVE-2025-37915 | net_sched: drr: Fix double list add in class with netem as child qdisc | | |
| CVE-2025-37916 | pds_core: remove write-after-free of client_id | | |
| CVE-2025-37917 | net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll | | |
| CVE-2025-37918 | Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() | | |
| CVE-2025-37919 | ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot | | |
| CVE-2025-37920 | xsk: Fix race condition in AF_XDP generic RX path | | |
| CVE-2025-37921 | vxlan: vnifilter: Fix unlocked deletion of default FDB entry | | |
| CVE-2025-37922 | book3s64/radix : Align section vmemmap start address to PAGE_SIZE | | |
| CVE-2025-37923 | tracing: Fix oob write in trace_seq_to_buffer() | | |
| CVE-2025-37924 | ksmbd: fix use-after-free in kerberos authentication | | |
| CVE-2025-37925 | jfs: reject on-disk inodes of an unsupported type | S | |
| CVE-2025-37926 | ksmbd: fix use-after-free in ksmbd_session_rpc_open | | |
| CVE-2025-37927 | iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid | | |
| CVE-2025-37928 | dm-bufio: don't schedule in atomic context | | |
| CVE-2025-37929 | arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays | | |
| CVE-2025-37930 | drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() | | |
| CVE-2025-37931 | btrfs: adjust subpage bit start based on sectorsize | | |
| CVE-2025-37932 | sch_htb: make htb_qlen_notify() idempotent | | |
| CVE-2025-37933 | octeon_ep: Fix host hang issue during device reboot | | |
| CVE-2025-37934 | ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction | | |
| CVE-2025-37935 | net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM | | |
| CVE-2025-37936 | perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. | | |
| CVE-2025-37937 | objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() | | |
| CVE-2025-37938 | tracing: Verify event formats that have "%*p.." | | |
| CVE-2025-37939 | libbpf: Fix accessing BTF.ext core_relo header | | |
| CVE-2025-37940 | ftrace: Add cond_resched() to ftrace_graph_set_hash() | | |
| CVE-2025-37941 | ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe() | | |
| CVE-2025-37942 | HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX | | |
| CVE-2025-37943 | wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi | | |
| CVE-2025-37944 | wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process | | |
| CVE-2025-37945 | net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY | | |
| CVE-2025-37946 | s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs | | |
| CVE-2025-37947 | ksmbd: prevent out-of-bounds stream writes by validating *pos | | |
| CVE-2025-37948 | arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs | | |
| CVE-2025-37949 | xenbus: Use kref to track req lifetime | | |
| CVE-2025-37950 | ocfs2: fix panic in failed foilio allocation | | |
| CVE-2025-37951 | drm/v3d: Add job to pending list if the reset was skipped | | |
| CVE-2025-37952 | ksmbd: Fix UAF in __close_file_table_ids | | |
| CVE-2025-37953 | sch_htb: make htb_deactivate() idempotent | | |
| CVE-2025-37954 | smb: client: Avoid race in open_cached_dir with lease breaks | | |
| CVE-2025-37955 | virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable() | | |
| CVE-2025-37956 | ksmbd: prevent rename with empty string | | |
| CVE-2025-37957 | KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception | | |
| CVE-2025-37958 | mm/huge_memory: fix dereferencing invalid pmd migration entry | | |
| CVE-2025-37959 | bpf: Scrub packet on bpf_redirect_peer | | |
| CVE-2025-37960 | memblock: Accept allocated memory before use in memblock_double_array() | | |
| CVE-2025-37961 | ipvs: fix uninit-value for saddr in do_output_route4 | | |
| CVE-2025-37962 | ksmbd: fix memory leak in parse_lease_state() | | |
| CVE-2025-37963 | arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users | | |
| CVE-2025-37964 | x86/mm: Eliminate window where TLB flushes may be inadvertently skipped | | |
| CVE-2025-37965 | drm/amd/display: Fix invalid context error in dml helper | | |
| CVE-2025-37966 | riscv: Fix kernel crash due to PR_SET_TAGGED_ADDR_CTRL | | |
| CVE-2025-37967 | usb: typec: ucsi: displayport: Fix deadlock | | |
| CVE-2025-37968 | iio: light: opt3001: fix deadlock due to concurrent flag access | | |
| CVE-2025-37969 | iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo | | |
| CVE-2025-37970 | iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo | | |
| CVE-2025-37971 | staging: bcm2835-camera: Initialise dev in v4l2_dev | | |
| CVE-2025-37972 | Input: mtk-pmic-keys - fix possible null pointer dereference | | |
| CVE-2025-37973 | wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation | | |
| CVE-2025-37974 | s390/pci: Fix missing check for zpci_create_device() error return | | |
| CVE-2025-37975 | riscv: module: Fix out-of-bounds relocation access | | |
| CVE-2025-37976 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2025-37977 | scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set | | |
| CVE-2025-37978 | block: integrity: Do not call set_page_dirty_lock() | | |
| CVE-2025-37979 | ASoC: qcom: Fix sc7280 lpass potential buffer overflow | | |
| CVE-2025-37980 | block: fix resource leak in blk_register_queue() error path | | |
| CVE-2025-37981 | scsi: smartpqi: Use is_kdump_kernel() to check for kdump | | |
| CVE-2025-37982 | wifi: wl1251: fix memory leak in wl1251_tx_work | | |
| CVE-2025-37983 | qibfs: fix _another_ leak | | |
| CVE-2025-37984 | crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() | | |
| CVE-2025-37985 | USB: wdm: close race between wdm_open and wdm_wwan_port_stop | | |
| CVE-2025-37986 | usb: typec: class: Invalidate USB device pointers on partner unregistration | | |
| CVE-2025-37987 | pds_core: Prevent possible adminq overflow/stuck condition | | |
| CVE-2025-37988 | fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount() | | |
| CVE-2025-37989 | net: phy: leds: fix memory leak | | |
| CVE-2025-37990 | wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() | | |
| CVE-2025-37991 | parisc: Fix double SIGFPE crash | | |
| CVE-2025-37992 | net_sched: Flush gso_skb list too during ->change() | | |
| CVE-2025-37993 | can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe | | |
| CVE-2025-37994 | usb: typec: ucsi: displayport: Fix NULL pointer access | | |
| CVE-2025-37995 | module: ensure that kobject_put() is safe for module type kobjects | | |
| CVE-2025-37996 | KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort() | | |
| CVE-2025-37997 | netfilter: ipset: fix region locking in hash types | | |
| CVE-2025-37998 | openvswitch: Fix unsafe attribute parsing in output_userspace() | | |
| CVE-2025-37999 | fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio() | |