CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50501 – media: coda: Add check for dcoda_iram_alloc
https://notcve.org/view.php?id=CVE-2022-50501
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others. In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter der... • https://git.kernel.org/stable/c/b313bcc9a46795c0233a765411cef9a15caaa7fb •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-50499 – media: dvb-core: Fix double free in dvb_register_device()
https://notcve.org/view.php?id=CVE-2022-50499
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_register_device() -> dvb_register_media_device() -> dvb_create_media_entity(), dvb->entity is allocated and initialized. If the initialization fails, it frees the dvb->entity, and return an error code. The caller takes the error code and handles the error by calling dvb_media_device_free(), which unregisters the entity and frees the field again if it is not NULL. As d... • https://git.kernel.org/stable/c/9db28659aa893c68f162b11fd63bb7f6a713e52f •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50497 – binfmt_misc: fix shift-out-of-bounds in check_special_flags
https://notcve.org/view.php?id=CVE-2022-50497
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace:
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50496 – dm cache: Fix UAF in destroy()
https://notcve.org/view.php?id=CVE-2022-50496
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). The SUSE Linux Enterprise 15 SP5 RT kern... • https://git.kernel.org/stable/c/c6b4fcbad044e6fffcc75bba160e720eb8d67d17 • CWE-825: Expired Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50493 – scsi: qla2xxx: Fix crash when I/O abort times out
https://notcve.org/view.php?id=CVE-2022-50493
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_start_nvme_mq+0x3a2/0x4b0 [qla2xxx] qla_nvme_post_cmd+0x166/0x240 [qla2xxx] nvme_fc_start_fcp_op.part.0+0x119/0x2e0 [nvme_fc] blk_mq_dispatch_rq_list+0x17b/0x610 __blk_mq_sched_dispatch_requests+0xb0/0x140 blk_mq_sched_dispatch_requests+0x30/0x60 _... • https://git.kernel.org/stable/c/71c80b75ce8f08c0978ce9a9816b81b5c3ce5e12 •
CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50488 – block, bfq: fix possible uaf for 'bfqq->bic'
https://notcve.org/view.php?id=CVE-2022-50488
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x378/0xa30 CPU: 6 PID: 2318352 Comm: fsstress Kdump: loaded Not tainted 5.10.0-60.18.0.50.h602.kasan.eulerosv2r11.x86_64 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58-20220320_160524-szxrtosci10000 ... • https://git.kernel.org/stable/c/4dfc12f8c94c8052e975060f595938f75e8b7165 • CWE-826: Premature Release of Resource During Expected Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53579 – gpio: mvebu: fix irq domain leak
https://notcve.org/view.php?id=CVE-2023-53579
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action. In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action. The ... • https://git.kernel.org/stable/c/812d47889a8e418d7bea9bec383581a34c19183e •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53578 – net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
https://notcve.org/view.php?id=CVE-2023-53578
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230 qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230 qrtr_endpoint_post+0xf85/0x11b0 net/qrtr/af_qrtr.c:519 qrtr_tun_write_iter+0x270/0x400 net/qrtr/tun.c:108 call_write_iter include/linux/fs.h:2189 [inline] aio_wr... • https://git.kernel.org/stable/c/5fdeb0d372ab33b4175043a2a4a1730239a217f1 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53577 – bpf, cpumap: Make sure kthread is running before map update returns
https://notcve.org/view.php?id=CVE-2023-53577
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ------------[ cut here ]------------ WARNING: CPU: 4 PID: 65 at kernel/bpf/cpumap.c:135 CPU: 4 PID: 65 Comm: kworker/4:1 Not tainted 6.5.0-rc2+ #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Workqueue: events cpu_map_kthread_stop RIP: 0010:put_cpu_map_entry+0... • https://git.kernel.org/stable/c/6710e1126934d8b4372b4d2f9ae1646cd3f151bf • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53576 – null_blk: Always check queue mode setting from configfs
https://notcve.org/view.php?id=CVE-2023-53576
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf() and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is set to 1 from configfs, following are repro steps :- modprobe null_blk nr_devices=0 mkdir config/nullb/nullb0 echo 1 > config/nullb/nullb0/memory_backed echo 4096 > config/nullb/nullb0/blocksize echo 20480 >... • https://git.kernel.org/stable/c/e50b1e327aeb4b224364aa6f85c1713ff8b3654b • CWE-1288: Improper Validation of Consistency within Input •