Publish Advisories

GHSA-5c3p-rf64-5rph
GHSA-5fwg-rrmc-r9r3
GHSA-5vxv-jx6g-44wr
GHSA-frvj-f982-mfmx
GHSA-r9mx-4c25-vp64
GHSA-wh65-53hg-mxpv
GHSA-x952-wmpf-82wc

Author: advisory-database[bot]

advisories/unreviewed/2025/09/GHSA-5c3p-rf64-5rph/GHSA-5c3p-rf64-5rph.json

@@ -0,0 +1,49 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5c3p-rf64-5rph",
+  "modified": "2025-09-07T18:31:27Z",
+  "published": "2025-09-07T18:31:27Z",
+  "aliases": [
+    "CVE-2025-39731"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: vm_unmap_ram() may be called from an invalid context\n\nWhen testing F2FS with xfstests using UFS backed virtual disks the\nkernel complains sometimes that f2fs_release_decomp_mem() calls\nvm_unmap_ram() from an invalid context. Example trace from\nf2fs/007 test:\n\nf2fs/007 5s ...  [12:59:38][    8.902525] run fstests f2fs/007\n[   11.468026] BUG: sleeping function called from invalid context at mm/vmalloc.c:2978\n[   11.471849] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 68, name: irq/22-ufshcd\n[   11.475357] preempt_count: 1, expected: 0\n[   11.476970] RCU nest depth: 0, expected: 0\n[   11.478531] CPU: 0 UID: 0 PID: 68 Comm: irq/22-ufshcd Tainted: G        W           6.16.0-rc5-xfstests-ufs-g40f92e79b0aa #9 PREEMPT(none)\n[   11.478535] Tainted: [W]=WARN\n[   11.478536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[   11.478537] Call Trace:\n[   11.478543]  <TASK>\n[   11.478545]  dump_stack_lvl+0x4e/0x70\n[   11.478554]  __might_resched.cold+0xaf/0xbe\n[   11.478557]  vm_unmap_ram+0x21/0xb0\n[   11.478560]  f2fs_release_decomp_mem+0x59/0x80\n[   11.478563]  f2fs_free_dic+0x18/0x1a0\n[   11.478565]  f2fs_finish_read_bio+0xd7/0x290\n[   11.478570]  blk_update_request+0xec/0x3b0\n[   11.478574]  ? sbitmap_queue_clear+0x3b/0x60\n[   11.478576]  scsi_end_request+0x27/0x1a0\n[   11.478582]  scsi_io_completion+0x40/0x300\n[   11.478583]  ufshcd_mcq_poll_cqe_lock+0xa3/0xe0\n[   11.478588]  ufshcd_sl_intr+0x194/0x1f0\n[   11.478592]  ufshcd_threaded_intr+0x68/0xb0\n[   11.478594]  ? __pfx_irq_thread_fn+0x10/0x10\n[   11.478599]  irq_thread_fn+0x20/0x60\n[   11.478602]  ? __pfx_irq_thread_fn+0x10/0x10\n[   11.478603]  irq_thread+0xb9/0x180\n[   11.478605]  ? __pfx_irq_thread_dtor+0x10/0x10\n[   11.478607]  ? __pfx_irq_thread+0x10/0x10\n[   11.478609]  kthread+0x10a/0x230\n[   11.478614]  ? __pfx_kthread+0x10/0x10\n[   11.478615]  ret_from_fork+0x7e/0xd0\n[   11.478619]  ? __pfx_kthread+0x10/0x10\n[   11.478621]  ret_from_fork_asm+0x1a/0x30\n[   11.478623]  </TASK>\n\nThis patch modifies in_task() check inside f2fs_read_end_io() to also\ncheck if interrupts are disabled. This ensures that pages are unmapped\nasynchronously in an interrupt handler.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39731"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/08a7efc5b02a0620ae16aa9584060e980a69cb55"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/0fe7976b62546f1e95eebfe9879925e9aa22b7a8"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/1023836d1b9465593c8746f97d608da32958785f"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/18eea36f4f460ead3750ed4afe5496f7ce55f99e"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/411e00f44e2e1a7fdb526013b25a7f0ed22a0947"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/eb69e69a5ae6c8350957893b5f68bd55b1565fb2"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:48Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-5fwg-rrmc-r9r3/GHSA-5fwg-rrmc-r9r3.json

@@ -0,0 +1,33 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5fwg-rrmc-r9r3",
+  "modified": "2025-09-07T18:31:26Z",
+  "published": "2025-09-07T18:31:26Z",
+  "aliases": [
+    "CVE-2025-39729"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix dereferencing uninitialized error pointer\n\nFix below smatch warnings:\ndrivers/crypto/ccp/sev-dev.c:1312 __sev_platform_init_locked()\nerror: we previously assumed 'error' could be null",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39729"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/0fa766726c091ff0ec7d26874f6e4724d23ecb0e"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/841634e1fdc2bdf35ab851fc279fd3bedcdf5e93"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:48Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-5vxv-jx6g-44wr/GHSA-5vxv-jx6g-44wr.json

@@ -0,0 +1,41 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5vxv-jx6g-44wr",
+  "modified": "2025-09-07T18:31:27Z",
+  "published": "2025-09-07T18:31:27Z",
+  "aliases": [
+    "CVE-2025-39732"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()\n\nath11k_mac_disable_peer_fixed_rate() is passed as the iterator to\nieee80211_iterate_stations_atomic(). Note in this case the iterator is\nrequired to be atomic, however ath11k_mac_disable_peer_fixed_rate() does\nnot follow it as it might sleep. Consequently below warning is seen:\n\nBUG: sleeping function called from invalid context at wmi.c:304\nCall Trace:\n <TASK>\n dump_stack_lvl\n __might_resched.cold\n ath11k_wmi_cmd_send\n ath11k_wmi_set_peer_param\n ath11k_mac_disable_peer_fixed_rate\n ieee80211_iterate_stations_atomic\n ath11k_mac_op_set_bitrate_mask.cold\n\nChange to ieee80211_iterate_stations_mtx() to fix this issue.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39732"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/65c12b104cb942d588a1a093acc4537fb3d3b129"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/6bdef22d540258ca06f079f7b6ae100669a19b47"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/7d4d0db0dc9424de2bdc0b45e919e4892603356f"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/9c0e3144924c7db701575a73af341d33184afeaf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:48Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-frvj-f982-mfmx/GHSA-frvj-f982-mfmx.json

@@ -0,0 +1,61 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-frvj-f982-mfmx",
+  "modified": "2025-09-07T18:31:27Z",
+  "published": "2025-09-07T18:31:27Z",
+  "aliases": [
+    "CVE-2025-39730"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix filehandle bounds checking in nfs_fh_to_dentry()\n\nThe function needs to check the minimal filehandle length before it can\naccess the embedded filehandle.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39730"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:48Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-r9mx-4c25-vp64/GHSA-r9mx-4c25-vp64.json

@@ -0,0 +1,37 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-r9mx-4c25-vp64",
+  "modified": "2025-09-07T18:31:27Z",
+  "published": "2025-09-07T18:31:27Z",
+  "aliases": [
+    "CVE-2025-39733"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: replace team lock with rtnl lock\n\nsyszbot reports various ordering issues for lower instance locks and\nteam lock. Switch to using rtnl lock for protecting team device,\nsimilar to bonding. Based on the patch by Tetsuo Handa.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39733"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/53edc761c9911f597b6d701e846f6e84f15eaa6d"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/556a4337ba3e9a70e1e3a428e8465c3ea3c4aa41"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/bfb4fb77f9a8ce33ce357224569eae5564eec573"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:50Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-wh65-53hg-mxpv/GHSA-wh65-53hg-mxpv.json

@@ -0,0 +1,53 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-wh65-53hg-mxpv",
+  "modified": "2025-09-07T18:31:27Z",
+  "published": "2025-09-07T18:31:27Z",
+  "aliases": [
+    "CVE-2025-39734"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"fs/ntfs3: Replace inode_trylock with inode_lock\"\n\nThis reverts commit 69505fe98f198ee813898cbcaf6770949636430b.\n\nInitially, conditional lock acquisition was removed to fix an xfstest bug\nthat was observed during internal testing. The deadlock reported by syzbot\nis resolved by reintroducing conditional acquisition. The xfstest bug no\nlonger occurs on kernel version 6.16-rc1 during internal testing. I\nassume that changes in other modules may have contributed to this.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39734"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/1903a6c1f2818154f6bc87bceaaecafa92b6ac5c"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/7ce6f83ca9d52c9245b7a017466fc4baa1241b0b"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/a49f0abd8959048af18c6c690b065eb0d65b2d21"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/a936be9b5f51c4d23f66fb673e9068c6b08104a4"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/b356ee013a79e7e3147bfe065de376706c5d2ee9"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/bd20733746263acaaf2a21881665db27ee4303d5"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/bec8109f957a6e193e52d1728799994c8005ca83"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:50Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-x952-wmpf-82wc/GHSA-x952-wmpf-82wc.json

@@ -0,0 +1,41 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-x952-wmpf-82wc",
+  "modified": "2025-09-07T18:31:26Z",
+  "published": "2025-09-07T18:31:26Z",
+  "aliases": [
+    "CVE-2025-39727"
+  ],
+  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix potential buffer overflow in setup_clusters()\n\nIn setup_swap_map(), we only ensure badpages are in range (0, last_page]. \nAs maxpages might be < last_page, setup_clusters() will encounter a buffer\noverflow when a badpage is >= maxpages.\n\nOnly call inc_cluster_info_page() for badpage which is < maxpages to fix\nthe issue.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39727"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/152c1339dc13ad46f1b136e8693de15980750835"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/815c528b13f2bb9b3130c13bedeabf2351a68129"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/91b370800b3f2b3dda244c0ab06719c4971190a5"
+    },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/9b01ada580ee84fb319e7ecb5fb5b1f54a9eb799"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-07T16:15:46Z"
+  }
+}