CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53448 – fbdev: imxfb: Removed unneeded release_mem_region
https://notcve.org/view.php?id=CVE-2023-53448
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, which could avoid resource leak or other unexpected issues. In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, wh... • https://git.kernel.org/stable/c/b083c22d51148f3d3028291343196471be5d9f36 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50444 – clk: tegra20: Fix refcount leak in tegra20_clock_init
https://notcve.org/view.php?id=CVE-2022-50444
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use... • https://git.kernel.org/stable/c/37c26a906527b8a6a252614ca83d21ad318c4e84 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50443 – drm/rockchip: lvds: fix PM usage counter unbalance in poweron
https://notcve.org/view.php?id=CVE-2022-50443
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with the newest pm_runtime_resume_and_get to keep usage counter balanced. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_s... • https://git.kernel.org/stable/c/34cc0aa2545603560c79aaea3340d8ff3a71bd10 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50442 – fs/ntfs3: Validate buffer length while parsing index
https://notcve.org/view.php?id=CVE-2022-50442
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indx_read is called when we have some NTFS directory operations that need more information from the index buffers. This adds a sanity check to make sure the returned index buffer length is legit, or we may have some out-of-bound memory accesses. [ 560.897595] BUG: KASAN: slab-out-of-bounds in hdr_find_e.isra.0+0x10c/0x320 [ 560.898321] Read of size 2 at addr ffff888009497238 by task exp/2... • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50441 – net/mlx5: Lag, fix failure to cancel delayed bond work
https://notcve.org/view.php?id=CVE-2022-50441
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work Commit 0d4e8ed139d8 ("net/mlx5: Lag, avoid lockdep warnings") accidentally removed a call to cancel delayed bond work thus it may cause queued delay to expire and fall on an already destroyed work queue. Fix by restoring the call cancel_delayed_work_sync() before destroying the workqueue. This prevents call trace such as this: [ 329.230417] BUG: kernel NULL pointer dereference, address:... • https://git.kernel.org/stable/c/ff24a802204620214afa75a5e64280f40015e399 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50440 – drm/vmwgfx: Validate the box size for the snooped cursor
https://notcve.org/view.php?id=CVE-2022-50440
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox have to be validated against the expected size of the snooped cursor. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace d... • https://git.kernel.org/stable/c/2ac863719e518ae1a8f328849e64ea26a222f079 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50439 – ASoC: mediatek: mt8173: Enable IRQ when pdata is ready
https://notcve.org/view.php?id=CVE-2022-50439
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Enable IRQ when pdata is ready If the device does not come straight from reset, we might receive an IRQ before we are ready to handle it. [ 2.334737] Unable to handle kernel read from unreadable memory at virtual address 00000000000001e4 [ 2.522601] Call trace: [ 2.525040] regmap_read+0x1c/0x80 [ 2.528434] mt8173_afe_irq_handler+0x40/0xf0 ... [ 2.598921] start_kernel+0x338/0x42c In the Linux kernel, the following vul... • https://git.kernel.org/stable/c/ee0bcaff109f36d582df9851f204c9a5eb79c028 •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50438 – net: hinic: fix memory leak when reading function table
https://notcve.org/view.php?id=CVE-2022-50438
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix memory leak when reading function table When the input parameter idx meets the expected case option in hinic_dbg_get_func_table(), read_data is not released. Fix it. In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix memory leak when reading function table When the input parameter idx meets the expected case option in hinic_dbg_get_func_table(), read_data is not released. Fix it. • https://git.kernel.org/stable/c/5215e16244ee5889cc6135381acdbf4cbcb7905a •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50437 – drm/msm/hdmi: fix memory corruption with too many bridges
https://notcve.org/view.php?id=CVE-2022-50437
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork: https://patchwork.freedesktop.org/patch/502670/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridg... • https://git.kernel.org/stable/c/a3376e3ec81c5dd0622cbc187db76d2824d31c1c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50436 – ext4: don't set up encryption key during jbd2 transaction
https://notcve.org/view.php?id=CVE-2022-50436
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 ("ext4: fixup ext4_fc_track_* functions' signature") extended the scope of the transaction in ext4_unlink() too far, making it include the call to ext4_find_entry(). However, ext4_find_entry() can deadlock when called from within a transaction because it may need to set up the directory's encryption key. Fix this by restoring the transaction to its original scope.... • https://git.kernel.org/stable/c/a80f7fcf18672ae4971a6b713b58c0d389aa99fe • CWE-833: Deadlock •