CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54246 – rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()
https://notcve.org/view.php?id=CVE-2023-54246
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeout will trigger when the timeout specified by rcuscale.holdoff is greater than hung_task_timeout_secs: runqemu kvm nographic slirp qemuparams="-smp 4 -m 2048M" bootparams="rcuscale.shutdown=0 rcuscale.holdoff=300" [ 247.071753] INFO: ta... • https://git.kernel.org/stable/c/df37e66bfdbb57e8cae7dbf39a0c66b1b8701338 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54244 – ACPI: EC: Fix oops when removing custom query handlers
https://notcve.org/view.php?id=CVE-2023-54244
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was already unloaded. Fix this by flushing the EC query workqueue when removing custom query handlers. Tested on a Acer Travelmate 4002WLMi • https://git.kernel.org/stable/c/a62e8f1978f49e52f87a711ff6711b323d4b12ff •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50872 – ARM: OMAP2+: Fix memory leak in realtime_counter_init()
https://notcve.org/view.php?id=CVE-2022-50872
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return. • https://git.kernel.org/stable/c/fa6d79d27614223d82418023b7f5300f1a1530d3 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50871 – wifi: ath11k: Fix qmi_msg_handler data structure initialization
https://notcve.org/view.php?id=CVE-2022-50871
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmi_msg_handler data structure initialization qmi_msg_handler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead to infinite loop while searching the handler and therefore out of bound access in qmi_invoke_handler(). Hence update the initialization in qmi_msg_handler data structure. Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50870 – powerpc/rtas: avoid device tree lookups in rtas_os_term()
https://notcve.org/view.php?id=CVE-2022-50870
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static vari... • https://git.kernel.org/stable/c/088186ded490ced80758200cf8f906ed741df306 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50868 – hwrng: amd - Fix PCI device refcount leak
https://notcve.org/view.php?id=CVE-2022-50868
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the reference count for the input pci_dev @from if it is not NULL. If we break for_each_pci_dev() loop with pdev not NULL, we need to call pci_dev_put() to decrease the reference count. Add the missing pci_dev_put() for the n... • https://git.kernel.org/stable/c/96d63c0297ccfd6d9059c614b3f5555d9441a2b3 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50866 – ASoC: pxa: fix null-pointer dereference in filter()
https://notcve.org/view.php?id=CVE-2022-50866
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL pointer when kmalloc() fail to allocate. Need to check the return pointer before calling strcmp(). • https://git.kernel.org/stable/c/7a824e214e25a49442fe868dac0af8a904b24f58 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50865 – tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
https://notcve.org/view.php?id=CVE-2022-50865
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp_add_backlog(), the variable limit is caculated by adding sk_rcvbuf, sk_sndbuf and 64 * 1024, it may exceed the max value of int and overflow. This patch reduces the limit budget by halving the sndbuf to solve this issue since ACK packets are much smaller than the payload. • https://git.kernel.org/stable/c/c9c3321257e1b95be9b375f811fb250162af8d39 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50864 – nilfs2: fix shift-out-of-bounds due to too large exponent of block size
https://notcve.org/view.php?id=CVE-2022-50864
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field s_log_block_size of superblock data is corrupted and too large, init_nilfs() and load_nilfs() still can trigger a shift-out-of-bounds warning followed by a kernel panic (if panic_on_warn is set): shift exponent 38973 is too large for 32-bit type 'int' Call Trace:
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50860 – apparmor: Fix memleak in alloc_ns()
https://notcve.org/view.php?id=CVE-2022-50860
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in alloc_ns() After changes in commit a1bd627b46d1 ("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not valid slab object, but a subset of that, it can not be freed by kfree_sensitive(), use aa_policy_destroy() to fix it. • https://git.kernel.org/stable/c/a1bd627b46d169268a0ee5960899fb5be960a317 •