CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50296 – UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
https://notcve.org/view.php?id=CVE-2022-50296
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected, cpu_max_bits_warn() generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ------------[ cut here ]------------ [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50294 – wifi: libertas: fix memory leak in lbs_init_adapter()
https://notcve.org/view.php?id=CVE-2022-50294
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path. In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path. This update provides the initi... • https://git.kernel.org/stable/c/7919b89c8276d657976d4d4d6b7cb58ea1aa08c3 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50293 – btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range
https://notcve.org/view.php?id=CVE-2022-50293
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range If we get -ENOMEM while dropping file extent items in a given range, at btrfs_drop_extents(), due to failure to allocate memory when attempting to increment the reference count for an extent or drop the reference count, we handle it with a BUG_ON(). This is excessive, instead we can simply abort the transaction and return the error to the caller. In fact most callers of... • https://git.kernel.org/stable/c/39279cc3d2704cfbf9c35dcb5bdd392159ae4625 •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50291 – kcm: annotate data-races around kcm->rx_psock
https://notcve.org/view.php?id=CVE-2022-50291
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm->rx_psock kcm->rx_psock can be read locklessly in kcm_rfree(). Annotate the read and writes accordingly. We do the same for kcm->rx_wait in the following patch. syzbot reported: BUG: KCSAN: data-race in kcm_rfree / unreserve_rx_kcm write to 0xffff888123d827b8 of 8 bytes by task 2758 on cpu 1: unreserve_rx_kcm+0x72/0x1f0 net/kcm/kcmsock.c:313 kcm_rcv_strparser+0x2b5/0x3a0 net/kcm/kcmsock.c:373 __strp_recv+... • https://git.kernel.org/stable/c/ab7ac4eb9832e32a09f4e8042705484d2fb0aad3 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53241 – nfsd: call op_release, even when op_func returns an error
https://notcve.org/view.php?id=CVE-2023-53241
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: call op_release, even when op_func returns an error For ops with "trivial" replies, nfsd4_encode_operation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is calling op_release. This could cause a memory leak in the layoutget codepath if there is an error at an inopportune time. Have the compound processing engine always call op_release, even when op_func sets an error in ... • https://git.kernel.org/stable/c/34b1744c91ccd44811005822106945fa80ecbff2 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53238 – phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
https://notcve.org/view.php?id=CVE-2023-53238
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In the for loop, 'i' is used as the index for array 'priv->ports[]' with a check (i > INNO_PHY_PORT_NUM) which indicates that INNO_PHY_PORT_NUM is allowed value for 'i' in the same loop. This > comparison needs to be changed to >=, otherwise it potentially leads to an out of bounds write on the next iteration through t... • https://git.kernel.org/stable/c/ba8b0ee81fbbc249e60f84bf097bd56e8047c742 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53234 – watchdog: Fix kmemleak in watchdog_cdev_register
https://notcve.org/view.php?id=CVE-2023-53234
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix kmemleak in watchdog_cdev_register kmemleak reports memory leaks in watchdog_dev_register, as follows: unreferenced object 0xffff888116233000 (size 2048): comm ""modprobe"", pid 28147, jiffies 4353426116 (age 61.741s) hex dump (first 32 bytes): 80 fa b9 05 81 88 ff ff 08 30 23 16 81 88 ff ff .........0#..... 08 30 23 16 81 88 ff ff 00 00 00 00 00 00 00 00 .0#............. backtrace: [<000000007f001ffd>] __kmem_cache_alloc_node... • https://git.kernel.org/stable/c/450caf1faa0d7bbbd1da93d3ee8c5edea7bc51a8 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53231 – erofs: Fix detection of atomic context
https://notcve.org/view.php?id=CVE-2023-53231
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as z_erofs_decompressqueue_endio can be called under rcu lock from blk_mq_flush_plug_list(). See the stacktrace [1] In such case we should hand off the decompression work for async processing rather than trying to do sync decompression in current context. Patch fixes the detection by checking for rcu_read_lock_any_held() and while at it use more approp... • https://git.kernel.org/stable/c/aea1286dcbbb87cf33595c2ac8b153c29a4611cb •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53229 – wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
https://notcve.org/view.php?id=CVE-2023-53229
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta Avoid potential data corruption issues caused by uninitialized driver private data structures. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta Avoid potential data corruption issues caused by uninitialized driver private data structures. This update provides the initi... • https://git.kernel.org/stable/c/6a9d1b91f34df1935bc0ad98114801a44db0f98c • CWE-908: Use of Uninitialized Resource •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53226 – wifi: mwifiex: Fix OOB and integer underflow when rx packets
https://notcve.org/view.php?id=CVE-2023-53226
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet, mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet not out-of-bounds access the skb->data buffer. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwif... • https://git.kernel.org/stable/c/2dbaf751b1dec3a603130a475f94cc4d3f404362 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •