CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54207 – HID: uclogic: Correct devm device reference for hidinput input_dev name
https://notcve.org/view.php?id=CVE-2023-54207
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logi... • https://git.kernel.org/stable/c/cce2dbdf258e6b27b2b100f511531edabb77f427 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50846 – mmc: via-sdmmc: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50846
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. In the remove() path, mmc_remove_host() will be called to delete device, but it's not added yet, it will lead a kernel crash because of null-ptr-deref in device_del(). Fix this by checking the return value and goto error path which wil... • https://git.kernel.org/stable/c/f0bf7f61b8405224bc52fc9a3ccd167a68126e00 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50840 – scsi: snic: Fix possible UAF in snic_tgt_create()
https://notcve.org/view.php?id=CVE-2022-50840
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in snic_tgt_create(), tgt will be freed, but tgt->list will not be removed from snic->disc.tgt_list, then list traversal may cause UAF. Remove from snic->disc.tgt_list before free(). The SUSE Linux Enterprise 15 SP5 RT kernel was updated to f... • https://git.kernel.org/stable/c/c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50834 – nfc: Fix potential resource leaks
https://notcve.org/view.php?id=CVE-2022-50834
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of ENOTSUPP. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/5ce3f32b5264b337bfd13a780452a17705307725 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50832 – wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
https://notcve.org/view.php?id=CVE-2022-50832
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add dev_kfree_skb() to fix it. Compile tested only. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/c5c77ba18ea66aa05441c71e38473efb787705a4 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50829 – wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
https://notcve.org/view.php?id=CVE-2022-50829
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free bug. Moreover, if alloc_skb() fails, urb->context becomes NULL but rx_buf is not freed and there can be a memory leak. The patch removes unnecessary nskb and makes skb processing more clear: it is supposed that ath9k_htc_rx_msg() eithe... • https://git.kernel.org/stable/c/3deff76095c4ac4252e27c537db3041f619c23a2 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54198 – tty: fix out-of-bounds access in tty_driver_lookup_tty()
https://notcve.org/view.php?id=CVE-2023-54198
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: fix out-of-bounds access in tty_driver_lookup_tty() When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct without checking whether index is a valid number. To reproduce: qemu-system-x86_64 -enable-kvm -nographic -serial mon:stdio \ -kernel ../linux-build-x86/arch/x86/boot/bzImage \ -append "console=ttyS0 console=tty3270" This crashes with: [ 0.770599] BUG: kernel NULL pointer de... • https://git.kernel.org/stable/c/99f1fe189daf8e99a847e420567e49dd7ee2aae7 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54187 – f2fs: fix potential corruption when moving a directory
https://notcve.org/view.php?id=CVE-2023-54187
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when moving a directory") • https://git.kernel.org/stable/c/622f28ae9ba4fa89b4ff0f4a6cf75d153ea838ce •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54185 – btrfs: remove BUG_ON()'s in add_new_free_space()
https://notcve.org/view.php?id=CVE-2023-54185
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space cache. Such failures are mostly -ENOMEM that should be very rare. However there's no need to have these BUG_ON()'s, we can just return any error to the caller and all callers and their upper call chain are already dealing with errors. So just make add_new_free... • https://git.kernel.org/stable/c/0f9dd46cda36b8de3b9f48bc42bd09d20b9c3b52 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54184 – scsi: target: iscsit: Free cmds before session free
https://notcve.org/view.php?id=CVE-2023-54184
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain timer expired for SID: 1, cleaning up iSCSI session. BUG: kernel NULL pointer dereference, address: 0000000000000140 RIP: 0010:sbitmap_queue_clear+0x3a/0xa0 Call Trace: target_release_cmd_kref+0xd1/0x1f0 [target_core_mod] transport_ge... • https://git.kernel.org/stable/c/988e3a85463d9b6dabc681df3f8f131b23c19953 •