CVSS: - • EPSS: 0% • CPEs: 9 • EXPL: 0
CVE-2023-54197 – Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
https://notcve.org/view.php?id=CVE-2023-54197
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" This reverts commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f. This patch introduces a possible null-ptr-def problem. Revert it. And the bug fixed by this patch has been resolved by commit 73f7b171b7c0 ("Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition"). The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various ... • https://git.kernel.org/stable/c/95eacef5692545f199fae4e52abfbfa273acb351 •
CVSS: - • EPSS: 0% • CPEs: 7 • EXPL: 0
CVE-2023-54187 – f2fs: fix potential corruption when moving a directory
https://notcve.org/view.php?id=CVE-2023-54187
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when moving a directory") • https://git.kernel.org/stable/c/622f28ae9ba4fa89b4ff0f4a6cf75d153ea838ce •
CVSS: - • EPSS: 0% • CPEs: 7 • EXPL: 0
CVE-2023-54186 – usb: typec: altmodes/displayport: fix pin_assignment_show
https://notcve.org/view.php?id=CVE-2023-54186
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show when get_current_pin_assignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN: use-after-free in pin_assignment_show+0x26c/0x33c ... Call trace: dump_backtrace+0x110/0x204 dump_stack_lvl+0x84/0xbc print_report+0x358/0x974 kasan_report+0x9c/0xfc __do_kernel_fault+0xd4/0x2d4 do_bad_area+0x48/0x... • https://git.kernel.org/stable/c/0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 •
CVSS: - • EPSS: 0% • CPEs: 3 • EXPL: 0
CVE-2023-54185 – btrfs: remove BUG_ON()'s in add_new_free_space()
https://notcve.org/view.php?id=CVE-2023-54185
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space cache. Such failures are mostly -ENOMEM that should be very rare. However there's no need to have these BUG_ON()'s, we can just return any error to the caller and all callers and their upper call chain are already dealing with errors. So just make add_new_free... • https://git.kernel.org/stable/c/0f9dd46cda36b8de3b9f48bc42bd09d20b9c3b52 •
CVSS: - • EPSS: 0% • CPEs: 6 • EXPL: 0
CVE-2023-54184 – scsi: target: iscsit: Free cmds before session free
https://notcve.org/view.php?id=CVE-2023-54184
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain timer expired for SID: 1, cleaning up iSCSI session. BUG: kernel NULL pointer dereference, address: 0000000000000140 RIP: 0010:sbitmap_queue_clear+0x3a/0xa0 Call Trace: target_release_cmd_kref+0xd1/0x1f0 [target_core_mod] transport_ge... • https://git.kernel.org/stable/c/988e3a85463d9b6dabc681df3f8f131b23c19953 •
CVSS: - • EPSS: 0% • CPEs: 8 • EXPL: 0
CVE-2023-54183 – media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
https://notcve.org/view.php?id=CVE-2023-54183
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op. Release the reference taken from a previous fwnode_graph_get_port_parent() call instead. Also handle fwnode_graph_get_port_parent() failures. In order to fix these issues, add an error handling path to the function and the needed gotos. The SUSE Linux Enterp... • https://git.kernel.org/stable/c/ca50c197bd9610ea984cfc0dc6855f183cbb46f8 •
CVSS: - • EPSS: 0% • CPEs: 3 • EXPL: 0
CVE-2023-54180 – btrfs: handle case when repair happens with dev-replace
https://notcve.org/view.php?id=CVE-2023-54180
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON() in btrfs_repair_io_failure() (originally repair_io_failure() in v6.0 kernel) got triggered when replacing an unreliable disk: BTRFS warning (device sda1): csum failed root 257 ino 2397453 off 39624704 csum 0xb0d18c75 expected csum 0x4dae9c5e mirror 3 kernel BUG at fs/btrfs/extent_io.c:2380! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 9 PI... • https://git.kernel.org/stable/c/ad6d620e2a5704f6bf3a39c92a75aad962c51cb3 •
CVSS: - • EPSS: 0% • CPEs: 7 • EXPL: 0
CVE-2023-54179 – scsi: qla2xxx: Array index may go out of bound
https://notcve.org/view.php?id=CVE-2023-54179
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf(). The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: - • EPSS: 0% • CPEs: 9 • EXPL: 0
CVE-2023-54178 – of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()
https://notcve.org/view.php?id=CVE-2023-54178
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() When kmalloc() fails to allocate memory in kasprintf(), name or full_name will be NULL, and strcmp() will cause a null pointer dereference. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/0d638a07d3a1e98a7598eb2812a6236324e4c55f •
CVSS: - • EPSS: 0% • CPEs: 9 • EXPL: 0
CVE-2023-54177 – quota: fix warning in dqgrab()
https://notcve.org/view.php?id=CVE-2023-54177
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's an issue as follows when doing fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquot_disable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not tainted 6.3.0-next-20230505-00006-g5107a9c821af-dirty #541 RIP: 0010:dquot_disable+0x13b7/0x18c0 RSP: 0018:ffffc9000acc79e0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88825e41b980 RDX: 000000000... • https://git.kernel.org/stable/c/9f985cb6c45bc3f8b7e161c9658d409d051d576f •
