CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54312 – samples/bpf: Fix buffer overflow in tcp_basertt
https://notcve.org/view.php?id=CVE-2023-54312
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/c890063e440456e75c2e70f6bcec3797f1771eb6 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54311 – ext4: fix deadlock when converting an inline directory in nojournal mode
https://notcve.org/view.php?id=CVE-2023-54311
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken the directory lock. There is a similar self-deadlock in ext4_incvert_inline_data_nolock() for data files which we'll fix at the same time. A simple reproducer demonstrating the problem: mke2fs -Fq -t ext2 -O inline_data -b 4k /dev/vdc... • https://git.kernel.org/stable/c/3c47d54170b6a678875566b1b8d6dcf57904e49b •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54310 – scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition
https://notcve.org/view.php?id=CVE-2023-54310
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition mptlan_probe() calls mpt_register_lan_device() which initializes the &priv->post_buckets_task workqueue. A call to mpt_lan_wake_post_buckets_task() will subsequently start the work. During driver unload in mptlan_remove() the following race may occur: CPU0 CPU1 |mpt_lan_post_receive_buckets_work() mptlan_remove() | free_netdev() | kfree(dev); | | | dev->m... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54309 – tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
https://notcve.org/view.php?id=CVE-2023-54309
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by initializing 'workqueue' as the very first step of the driver initialization. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/6f99612e250041a2402d3b1694bccb149cd424a4 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54305 – ext4: refuse to create ea block when umounted
https://notcve.org/view.php?id=CVE-2023-54305
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access s_root while it is already set as NULL when umount is triggered. Refuse this request to avoid panic. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/e50e5129f384ae282adebfb561189cdb19b81cee •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54300 – wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
https://notcve.org/view.php?id=CVE-2023-54300
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx For the reasons also described in commit b383e8abed41 ("wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()"), ath9k_htc_rx_msg() should validate pkt_len before accessing the SKB. For example, the obtained SKB may have been badly constructed with pkt_len = 8. In this case, the SKB can only contain a valid htc_frame_hdr but after being processed in ath9k_htc_rx_msg() a... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54299 – usb: typec: bus: verify partner exists in typec_altmode_attention
https://notcve.org/view.php?id=CVE-2023-54299
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data role swap causes the device to unregister all alt modes, however the usb hub will still send Attention messages even after failing to reregister the Alt Mode. type_altmode_attention currently does not verify whether or not a device's... • https://git.kernel.org/stable/c/8a37d87d72f0c69f837229c04d2fcd7117ea57e7 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54298 – thermal: intel: quark_dts: fix error pointer dereference
https://notcve.org/view.php?id=CVE-2023-54298
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quark_dts: fix error pointer dereference If alloc_soc_dts() fails, then we can just return. Trying to free "soc_dts" will lead to an Oops. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/8c1876939663191b5044807230fa295f35462215 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54295 – mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
https://notcve.org/view.php?id=CVE-2023-54295
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type spi_nor_set_erase_type() was used either to set or to mask out an erase type. When we used it to mask out an erase type a shift-out-of-bounds was hit: UBSAN: shift-out-of-bounds in drivers/mtd/spi-nor/core.c:2237:24 shift exponent 4294967295 is too large for 32-bit type 'int' The setting of the size_{shift, mask} and of the opcode are unnecessary when the erase size is zero, as... • https://git.kernel.org/stable/c/5390a8df769ec9ba9c995191bb0867430f602ebb •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54294 – md/raid10: fix memleak of md thread
https://notcve.org/view.php?id=CVE-2023-54294
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10_run(), if setup_conf() succeed and raid10_run() failed before setting 'mddev->thread', then in the error path 'conf->thread' is not freed. Fix the problem by setting 'mddev->thread' right after setup_conf(). The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/43a521238aca0e24d50add1db125a61bda2a3527 •