CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53491 – start_kernel: Add __no_stack_protector function attribute
https://notcve.org/view.php?id=CVE-2023-53491
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: start_kernel: Add __no_stack_protector function attribute Back during the discussion of commit a9a3ed1eff36 ("x86: Fix early boot crash on gcc-10, third try") we discussed the need for a function attribute to control the omission of stack protectors on a per-function basis; at the time Clang had support for no_stack_protector but GCC did not. This was fixed in gcc-11. Now that the function attribute is available, let's start using it. Calle... • https://git.kernel.org/stable/c/420594296838fdc9a674470d710cda7d1487f9f4 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53489 – tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
https://notcve.org/view.php?id=CVE-2023-53489
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported [0] memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socket(AF_INET, SOCK_DGRAM, 0) sk.setsockopt(SOL_SOCKET, SO_TIMESTAMPING, SOF_TIMESTAMPING_TX_SOFTWARE) sk.setsockopt(SOL_SOCKET, SO_ZEROCOPY, 1) sk.sendto(b'', MSG_ZEROCOPY, ('127.0.0.1', 53)) sk.close() sendmsg() calls msg_zerocopy_alloc(), which al... • https://git.kernel.org/stable/c/f214f915e7db99091f1312c48b30928c1e0c90b7 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53488 – IB/hfi1: Fix possible panic during hotplug remove
https://notcve.org/view.php?id=CVE-2023-53488
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work before freeing memory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may ru... • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50469 – staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()
https://notcve.org/view.php?id=CVE-2022-50469
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw() In rtw_init_drv_sw(), there are various init functions are called to populate the padapter structure and some checks for their return value. However, except for the first one error path, the other five error paths do not properly release the previous allocated resources, which leads to various memory leaks. This patch fixes them and keeps the success and error separate. Note... • https://git.kernel.org/stable/c/554c0a3abf216c991c5ebddcdb2c08689ecd290b •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50468 – platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init()
https://notcve.org/view.php?id=CVE-2022-50468
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() The following WARNING message was given when rmmod cros_usbpd_notify: Unexpected driver unregister! WARNING: CPU: 0 PID: 253 at drivers/base/driver.c:270 driver_unregister+0x8a/0xb0 Modules linked in: cros_usbpd_notify(-) CPU: 0 PID: 253 Comm: rmmod Not tainted 6.1.0-rc3 #24 ... Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50466 – fs/binfmt_elf: Fix memory leak in load_elf_binary()
https://notcve.org/view.php?id=CVE-2022-50466
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/binfmt_elf: Fix memory leak in load_elf_binary() There is a memory leak reported by kmemleak: unreferenced object 0xffff88817104ef80 (size 224): comm "xfs_admin", pid 47165, jiffies 4298708825 (age 1333.476s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 60 a8 b3 00 81 88 ff ff a8 10 5a 00 81 88 ff ff `.........Z..... backtrace: [
CVSS: 7.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50465 – ext4: fix leaking uninitialized memory in fast-commit journal
https://notcve.org/view.php?id=CVE-2022-50465
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of fast-commit journal blocks is unused, make sure to zero it out so that uninitialized memory is not leaked to disk. In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of fast-commit journal blocks is unused, make sure to zero it out so that uninitialized me... • https://git.kernel.org/stable/c/aa75f4d3daaeb1389b9cce9d6b84401eaf228d4e •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50463 – powerpc/52xx: Fix a resource leak in an error handling path
https://notcve.org/view.php?id=CVE-2022-50463
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of mpc52xx_lpbfifo_probe() has a request_irq() that is not balanced by a corresponding free_irq(). Add the missing call, as already done in the remove function. In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of mpc52xx_lpbfifo_probe() has a request_irq() ... • https://git.kernel.org/stable/c/3c9059d79f5eea6b8b75ddac97693127c3c41db4 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50462 – MIPS: vpe-mt: fix possible memory leak while module exiting
https://notcve.org/view.php?id=CVE-2022-50462
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, it need be freed when module exiting, call put_device() to give up reference, so that it can be freed in kobject_cleanup() when the refcount hit to 0. The vpe_device is static, so remove kfree() from vpe_device_release(). In the Linux kernel, the fo... • https://git.kernel.org/stable/c/1fa5ae857bb14f6046205171d98506d8112dd74e •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50461 – net: ethernet: ti: am65-cpsw: Fix PM runtime leakage in am65_cpsw_nuss_ndo_slave_open()
https://notcve.org/view.php?id=CVE-2022-50461
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix PM runtime leakage in am65_cpsw_nuss_ndo_slave_open() Ensure pm_runtime_put() is issued in error path. • https://git.kernel.org/stable/c/93a76530316a3d8cc2d82c3deca48424fee92100 •