{"vulnerability": "cve-2025-2313", "sightings": [{"uuid": "4881b14c-f45c-4e06-a21e-b8eea6bb34d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23138", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114348624612186773", "content": "", "creation_timestamp": "2025-04-16T16:39:03.027679Z"}, {"uuid": "deb2fa3c-ebd0-47de-b91a-26224368b513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23139", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lohweq5r2c2h", "content": "", "creation_timestamp": "2025-05-06T03:19:27.943034Z"}, {"uuid": "34a066f5-6d5a-4c53-bb98-0a8cac527949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23138", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lnafpwdvic2b", "content": "", "creation_timestamp": "2025-04-20T10:07:40.518605Z"}, {"uuid": "9a04a774-41eb-449c-a07d-306274ef63eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-23132", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "024286a6-6cf7-4fda-afa6-bbff63f276fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-23131", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "23da16d4-42aa-4915-9a97-24fd2864bd9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "3e470ce0-8fac-4a10-8bda-e636cdd22a78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a080a2bc-62ca-40d8-b34e-3f892967bc08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23131", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "8d0a7568-16e3-4e62-9160-17784ef6edbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23132", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "3d9a89f7-7877-481a-ad43-f2316c33bacf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23133", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "9ebc5e41-0a77-4990-8c0e-dc973d3fdbe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23133", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "42a06f75-f8cc-4be2-8ca4-3bdbe30b89ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23133", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "9737d7c6-c163-4544-9ee3-94d0234e343f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23133", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14801", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23133\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: update channel list in reg notifier instead reg worker\n\nCurrently when ath11k gets a new channel list, it will be processed\naccording to the following steps:\n1. update new channel list to cfg80211 and queue reg_work.\n2. cfg80211 handles new channel list during reg_work.\n3. update cfg80211's handled channel list to firmware by\nath11k_reg_update_chan_list().\n\nBut ath11k will immediately execute step 3 after reg_work is just\nqueued. Since step 2 is asynchronous, cfg80211 may not have completed\nhandling the new channel list, which may leading to an out-of-bounds\nwrite error:\nBUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list\nCall Trace:\n ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k]\n kfree+0x109/0x3a0\n ath11k_regd_update+0x1cf/0x350 [ath11k]\n ath11k_regd_update_work+0x14/0x20 [ath11k]\n process_one_work+0xe35/0x14c0\n\nShould ensure step 2 is completely done before executing step 3. Thus\nWen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set,\ncfg80211 will notify ath11k after step 2 is done.\n\nSo enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will\nnotify ath11k after step 2 is done. At this time, there will be no\nKASAN bug during the execution of the step 3.\n\n[1] https://patchwork.kernel.org/project/linux-wireless/patch/20230201065313.27203-1-quic_wgong@quicinc.com/\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3\n\ud83d\udccf Published: 2025-04-16T14:13:14.485Z\n\ud83d\udccf Modified: 2025-05-04T13:07:06.636Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f952fb83c9c6f908d27500764c4aee1df04b9d3f\n2. https://git.kernel.org/stable/c/933ab187e679e6fbdeea1835ae39efcc59c022d2", "creation_timestamp": "2025-05-04T13:18:44.000000Z"}, {"uuid": "63f1ee07-48f3-40a7-ac53-d9f95d3507d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "d729fd1b-31c7-4c00-870b-6c42c66239db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23132", "type": "seen", "source": "https://t.me/cvedetector/23114", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23132 - F2FS Linux Kernel Quota Writeback Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23132 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nf2fs: quota: fix to avoid warning in dquot_writeback_dquots() \n \nF2FS-fs (dm-59): checkpoint=enable has some unwritten data. \n \n------------[ cut here ]------------ \nWARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691 dquot_writeback_dquots+0x2fc/0x308 \npc : dquot_writeback_dquots+0x2fc/0x308 \nlr : f2fs_quota_sync+0xcc/0x1c4 \nCall trace: \ndquot_writeback_dquots+0x2fc/0x308 \nf2fs_quota_sync+0xcc/0x1c4 \nf2fs_write_checkpoint+0x3d4/0x9b0 \nf2fs_issue_checkpoint+0x1bc/0x2c0 \nf2fs_sync_fs+0x54/0x150 \nf2fs_do_sync_file+0x2f8/0x814 \n__f2fs_ioctl+0x1960/0x3244 \nf2fs_ioctl+0x54/0xe0 \n__arm64_sys_ioctl+0xa8/0xe4 \ninvoke_syscall+0x58/0x114 \n \ncheckpoint and f2fs_remount may race as below, resulting triggering warning \nin dquot_writeback_dquots(). \n \natomic write remount \n - do_remount \n - down_write(&sb->s_umount); \n - f2fs_remount \n- ioctl \n - f2fs_do_sync_file \n - f2fs_sync_fs \n - f2fs_write_checkpoint \n - block_operations \n - locked = down_read_trylock(&sbi->sb->s_umount) \n : fail to lock due to the write lock was held by remount \n - up_write(&sb->s_umount); \n - f2fs_quota_sync \n - dquot_writeback_dquots \n - WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount)) \n : trigger warning because s_umount lock was unlocked by remount \n \nIf checkpoint comes from mount/umount/remount/freeze/quotactl, caller of \ncheckpoint has already held s_umount lock, calling dquot_writeback_dquots() \nin the context should be safe. \n \nSo let's record task to sbi->umount_lock_holder, so that checkpoint can \nknow whether the lock has held in the context or not by checking current \nw/ it. \n \nIn addition, in order to not misrepresent caller of checkpoint, we should \nnot allow to trigger async checkpoint for those callers: mount/umount/remount/ \nfreeze/quotactl. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:36.000000Z"}, {"uuid": "94e97a61-e1be-4ad5-9cd8-09e6e422ab9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23138", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14800", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23138\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser->pipe_bufs without updating the pipe->nr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user->pipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It's unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)\n\ud83d\udccf Published: 2025-04-16T14:13:17.866Z\n\ud83d\udccf Modified: 2025-05-04T13:07:07.800Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/8658c75343ed00e5e154ebbe24335f51ba8db547\n2. https://git.kernel.org/stable/c/471c89b7d4f58bd6082f7c1fe14d4ca15c7f1284\n3. https://git.kernel.org/stable/c/d40e3537265dea9e3c33021874437ff26dc18787\n4. https://git.kernel.org/stable/c/6dafa27764183738dc5368b669b71e3d0d154f12\n5. https://git.kernel.org/stable/c/56ec918e6c86c1536870e4373e91eddd0c44245f\n6. https://git.kernel.org/stable/c/2d680b988656bb556c863d8b46d9b9096842bf3d\n7. https://git.kernel.org/stable/c/205028ebba838938d3b264dda1d0708fa7fe1ade\n8. https://git.kernel.org/stable/c/f13abc1e8e1a3b7455511c4e122750127f6bc9b0", "creation_timestamp": "2025-05-04T13:18:44.000000Z"}, {"uuid": "251b1c1a-685c-4254-99d9-210a65c7e986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23137", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19688", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23137\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update\n\nCheck if policy is NULL before dereferencing it in amd_pstate_update.\n\ud83d\udccf Published: 2025-04-16T14:13:17.061Z\n\ud83d\udccf Modified: 2025-06-27T10:21:17.423Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/82b6dfff0d6000b14b271f74e43d672d81fb390e\n2. https://git.kernel.org/stable/c/b99c1c63d88c75a4dc5487c3696cda38697b8d35\n3. https://git.kernel.org/stable/c/426db24d4db2e4f0d6720aeb7795eafcb9e82640", "creation_timestamp": "2025-06-27T10:49:54.000000Z"}, {"uuid": "1ce9b02f-97e3-4013-b31a-13e9bf00fea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23137", "type": "seen", "source": "https://t.me/cvedetector/23110", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23137 - \"AMD cpufreq NULL Pointer Dereference Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2025-23137 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ncpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update \n \nCheck if policy is NULL before dereferencing it in amd_pstate_update. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:30.000000Z"}, {"uuid": "37958a91-a5cd-4adc-8c33-37efefd737c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23136", "type": "seen", "source": "https://t.me/cvedetector/23118", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23136 - Linux Kernel Thermal Driver NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23136 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nthermal: int340x: Add NULL check for adev \n \nNot all devices have an ACPI companion fwnode, so adev might be NULL. \nThis is similar to the commit cd2fd6eab480 \n(\"platform/x86: int3472: Check for adev == NULL\"). \n \nAdd a check for adev not being set and return -ENODEV in that case to \navoid a possible NULL pointer deref in int3402_thermal_probe(). \n \nNote, under the same directory, int3400_thermal_probe() has such a \ncheck. \n \n[ rjw: Subject edit, added Fixes: ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:42.000000Z"}, {"uuid": "2b886105-f441-43ea-8742-503ee239c85e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23135", "type": "seen", "source": "https://t.me/cvedetector/23117", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23135 - RISC-V KVM AIA Exit Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23135 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nRISC-V: KVM: Teardown riscv specific bits after kvm_exit \n \nDuring a module removal, kvm_exit invokes arch specific disable \ncall which disables AIA. However, we invoke aia_exit before kvm_exit \nresulting in the following warning. KVM kernel module can't be inserted \nafterwards due to inconsistent state of IRQ. \n \n[25469.031389] percpu IRQ 31 still enabled on CPU0! \n[25469.031732] WARNING: CPU: 3 PID: 943 at kernel/irq/manage.c:2476 __free_percpu_irq+0xa2/0x150 \n[25469.031804] Modules linked in: kvm(-) \n[25469.031848] CPU: 3 UID: 0 PID: 943 Comm: rmmod Not tainted 6.14.0-rc5-06947-g91c763118f47-dirty #2 \n[25469.031905] Hardware name: riscv-virtio,qemu (DT) \n[25469.031928] epc : __free_percpu_irq+0xa2/0x150 \n[25469.031976] ra : __free_percpu_irq+0xa2/0x150 \n[25469.032197] epc : ffffffff8007db1e ra : ffffffff8007db1e sp : ff2000000088bd50 \n[25469.032241] gp : ffffffff8131cef8 tp : ff60000080b96400 t0 : ff2000000088baf8 \n[25469.032285] t1 : fffffffffffffffc t2 : 5249207570637265 s0 : ff2000000088bd90 \n[25469.032329] s1 : ff60000098b21080 a0 : 037d527a15eb4f00 a1 : 037d527a15eb4f00 \n[25469.032372] a2 : 0000000000000023 a3 : 0000000000000001 a4 : ffffffff8122dbf8 \n[25469.032410] a5 : 0000000000000fff a6 : 0000000000000000 a7 : ffffffff8122dc10 \n[25469.032448] s2 : ff60000080c22eb0 s3 : 0000000200000022 s4 : 000000000000001f \n[25469.032488] s5 : ff60000080c22e00 s6 : ffffffff80c351c0 s7 : 0000000000000000 \n[25469.032582] s8 : 0000000000000003 s9 : 000055556b7fb490 s10: 00007ffff0e12fa0 \n[25469.032621] s11: 00007ffff0e13e9a t3 : ffffffff81354ac7 t4 : ffffffff81354ac7 \n[25469.032664] t5 : ffffffff81354ac8 t6 : ffffffff81354ac7 \n[25469.032698] status: 0000000200000100 badaddr: ffffffff8007db1e cause: 0000000000000003 \n[25469.032738] [] __free_percpu_irq+0xa2/0x150 \n[25469.032797] [] free_percpu_irq+0x30/0x5e \n[25469.032856] [] kvm_riscv_aia_exit+0x40/0x42 [kvm] \n[25469.033947] [] cleanup_module+0x10/0x32 [kvm] \n[25469.035300] [] __riscv_sys_delete_module+0x18e/0x1fc \n[25469.035374] [] syscall_handler+0x3a/0x46 \n[25469.035456] [] do_trap_ecall_u+0x72/0x134 \n[25469.035536] [] handle_exception+0x148/0x156 \n \nInvoke aia_exit and other arch specific cleanup functions after kvm_exit \nso that disable gets a chance to be called first before exit. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:41.000000Z"}, {"uuid": "ad6ff299-0148-4e4f-a6be-e2fba22dc0d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23134", "type": "seen", "source": "https://t.me/cvedetector/23116", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23134 - ALSA Timer Mutex Deadlock Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23134 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nALSA: timer: Don't take register_mutex with copy_from/to_user() \n \nThe infamous mmap_lock taken in copy_from/to_user() can be often \nproblematic when it's called inside another mutex, as they might lead \nto deadlocks. \n \nIn the case of ALSA timer code, the bad pattern is with \nguard(mutex)(&register_mutex) that covers copy_from/to_user() -- which \nwas mistakenly introduced at converting to guard(), and it had been \ncarefully worked around in the past. \n \nThis patch fixes those pieces simply by moving copy_from/to_user() out \nof the register mutex lock again. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:37.000000Z"}, {"uuid": "50a377b6-bf6d-433b-9d6d-b8a3d2659ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23133", "type": "seen", "source": "https://t.me/cvedetector/23115", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23133 - Ath11k Linux Kernel Out-of-Bounds Write Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23133 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nwifi: ath11k: update channel list in reg notifier instead reg worker \n \nCurrently when ath11k gets a new channel list, it will be processed \naccording to the following steps: \n1. update new channel list to cfg80211 and queue reg_work. \n2. cfg80211 handles new channel list during reg_work. \n3. update cfg80211's handled channel list to firmware by \nath11k_reg_update_chan_list(). \n \nBut ath11k will immediately execute step 3 after reg_work is just \nqueued. Since step 2 is asynchronous, cfg80211 may not have completed \nhandling the new channel list, which may leading to an out-of-bounds \nwrite error: \nBUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list \nCall Trace: \n ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k] \n kfree+0x109/0x3a0 \n ath11k_regd_update+0x1cf/0x350 [ath11k] \n ath11k_regd_update_work+0x14/0x20 [ath11k] \n process_one_work+0xe35/0x14c0 \n \nShould ensure step 2 is completely done before executing step 3. Thus \nWen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set, \ncfg80211 will notify ath11k after step 2 is done. \n \nSo enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will \nnotify ath11k after step 2 is done. At this time, there will be no \nKASAN bug during the execution of the step 3. \n \n[1] \n \nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:37.000000Z"}, {"uuid": "eb5ec208-186f-4289-b608-04a2ddf8f4af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23131", "type": "seen", "source": "https://t.me/cvedetector/23113", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23131 - \"IBM DLM null pointer dereference vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2025-23131 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndlm: prevent NPD when writing a positive value to event_done \n \ndo_uevent returns the value written to event_done. In case it is a \npositive value, new_lockspace would undo all the work, and lockspace \nwould not be set. __dlm_new_lockspace, however, would treat that \npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use \ncount with multiple joins\"). \n \nDown the line, device_create_lockspace would pass that NULL lockspace to \ndlm_find_lockspace_local, leading to a NULL pointer dereference. \n \nTreating such positive values as successes prevents the problem. Given \nthis has been broken for so long, this is unlikely to break userspace \nexpectations. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:35.000000Z"}, {"uuid": "51008ab7-d548-499f-82e3-680554984bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://t.me/cvedetector/23112", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23130 - F2FS Linux Kernel Pinfile Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23130 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nf2fs: fix to avoid panic once fallocation fails for pinfile \n \nsyzbot reports a f2fs bug as below: \n \n------------[ cut here ]------------ \nkernel BUG at fs/f2fs/segment.c:2746! \nCPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 \nRIP: 0010:get_new_segment fs/f2fs/segment.c:2746 [inline] \nRIP: 0010:new_curseg+0x1f52/0x1f70 fs/f2fs/segment.c:2876 \nCall Trace: \n \n __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3210 \n f2fs_allocate_new_section fs/f2fs/segment.c:3224 [inline] \n f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3238 \n f2fs_expand_inode_data+0x696/0xca0 fs/f2fs/file.c:1830 \n f2fs_fallocate+0x537/0xa10 fs/f2fs/file.c:1940 \n vfs_fallocate+0x569/0x6e0 fs/open.c:327 \n do_vfs_ioctl+0x258c/0x2e40 fs/ioctl.c:885 \n __do_sys_ioctl fs/ioctl.c:904 [inline] \n __se_sys_ioctl+0x80/0x170 fs/ioctl.c:892 \n do_syscall_x64 arch/x86/entry/common.c:52 [inline] \n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \n \nConcurrent pinfile allocation may run out of free section, result in \npanic in get_new_segment(), let's expand pin_sem lock coverage to \ninclude f2fs_gc(), so that we can make sure to reclaim enough free \nspace for following allocation. \n \nIn addition, do below changes to enhance error path handling: \n- call f2fs_bug_on() only in non-pinfile allocation path in \nget_new_segment(). \n- call reset_curseg_fields() to reset all fields of curseg in \nnew_curseg() \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:34.000000Z"}, {"uuid": "457dd838-c615-4ee9-ab72-fa0af897e863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23138", "type": "seen", "source": "https://t.me/cvedetector/23111", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23138 - Linux Kernel Pipe Buffer Underflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-23138 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nwatch_queue: fix pipe accounting mismatch \n \nCurrently, watch_queue_set_size() modifies the pipe buffers charged to \nuser->pipe_bufs without updating the pipe->nr_accounted on the pipe \nitself, due to the if (!pipe_has_watch_queue()) test in \npipe_resize_ring(). This means that when the pipe is ultimately freed, \nwe decrement user->pipe_bufs by something other than what than we had \ncharged to it, potentially leading to an underflow. This in turn can \ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM. \n \nTo remedy this, explicitly account for the pipe usage in \nwatch_queue_set_size() to match the number set via account_pipe_buffers() \n \n(It's unclear why watch_queue_set_size() does not update nr_accounted; \nit may be due to intentional overprovisioning in watch_queue_set_size()?) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:31.000000Z"}, {"uuid": "b9956f07-e78a-4a48-ac8e-f8f4f7371ade", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23133", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}, {"uuid": "72d24899-8790-4e6a-bb6a-aaf78dbb4189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-23130", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}]}