CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-53250 – firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
https://notcve.org/view.php?id=CVE-2023-53250
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 1373 Comm: modprobe Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:dmi_sysfs_entry_release ... Call Trace:
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53248 – drm/amdgpu: install stub fence into potential unused fence pointers
https://notcve.org/view.php?id=CVE-2023-53248
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page tables, vm update fences are unused. Install stub fence into these fence pointers instead of NULL to avoid NULL dereference when calling dma_fence_wait() on them. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page tables, vm update... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53245 – scsi: storvsc: Fix handling of virtual Fibre Channel timeouts
https://notcve.org/view.php?id=CVE-2023-53245
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI device. I/O to the vFC device is handled by the storvsc driver. The storvsc driver includes a partial integration with the FC transport implemented in the generic portion of the Linux SCSI subsystem so that FC attributes can be displayed in /sys. However, the par... • https://git.kernel.org/stable/c/3930d7309807ba0bfa460dfa9ed68d5560347dd2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53244 – media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish
https://notcve.org/view.php?id=CVE-2023-53244
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer buf->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71. We believe t... • https://git.kernel.org/stable/c/e15d1c12c5878b3a80d6573af1721e17264e0286 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50315 – ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
https://notcve.org/view.php?id=CVE-2022-50315
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS UBSAN complains about array-index-out-of-bounds: [ 1.980703] kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 [ 1.980709] kernel: index 15 is out of range for type 'ahci_em_priv [8]' [ 1.980713] kernel: CPU: 0 PID: 209 Comm: scsi_eh_8 Not tainted 5.15.0-25-generic #25-Ubuntu [ 1.980716] kernel: Hardware name: System manufacturer Sy... • https://git.kernel.org/stable/c/18f7ba4c2f4be6b37d925931f04d6cc28d88d1ee •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50314 – nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
https://notcve.org/view.php?id=CVE-2022-50314
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbd_start_device_ioctl() syzbot reported hung task [1]. The following program is a simplified version of the reproducer: int main(void) { int sv[2], fd; if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 1; if ((fd = open("/dev/nbd0", 0)) < 0) return 1; if (ioctl(fd, NBD_SET_SIZE_BLOCKS, 0x81) < 0) return 1; if (ioctl(fd, NBD_SET_SOCK, sv[0]) < 0) return 1; if (ioctl(fd, NBD_DO_IT) < 0) return 1; re... • https://git.kernel.org/stable/c/5ea8d10802ec4c153a6e21eebaf412e2abd29736 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50312 – drivers: serial: jsm: fix some leaks in probe
https://notcve.org/view.php?id=CVE-2022-50312
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/03a8482c17dd0ae3251451d54cbbc03f930f21d5 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50311 – cxl: Fix refcount leak in cxl_calc_capp_routing
https://notcve.org/view.php?id=CVE-2022-50311
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl: Fix refcount leak in cxl_calc_capp_routing of_get_next_parent() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. This function only calls of_node_put() in normal path, missing it in the error path. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: cxl: Fix refcount leak in cxl_calc_capp_routing of_get_next_paren... • https://git.kernel.org/stable/c/f24be42aab37c6d07c05126673138e06223a6399 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50309 – media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
https://notcve.org/view.php?id=CVE-2022-50309
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented,... • https://git.kernel.org/stable/c/df3305156f989339529b3d6744b898d498fb1f7b •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50304 – mtd: core: fix possible resource leak in init_mtd()
https://notcve.org/view.php?id=CVE-2022-50304
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: core: fix possible resource leak in init_mtd() I got the error report while inject fault in init_mtd(): sysfs: cannot create duplicate filename '/devices/virtual/bdi/mtd-0' Call Trace: