CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-54142 – gtp: Fix use-after-free in __gtp_encap_destroy().
https://notcve.org/view.php?id=CVE-2023-54142
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in __gtp_encap_destroy(). syzkaller reported use-after-free in __gtp_encap_destroy(). [0] It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 ("gtp: fix suspicious RCU usage") added lock_sock() and release_sock() in __gtp_encap_destroy() to protect sk->sk_user_data, but release_sock() is called after sock_put() releases the last refcnt. [0]: BUG: KASAN: slab-use-after-free in instrument_a... • https://git.kernel.org/stable/c/01f3c64e405ab3d25887d080a103ad76f30661d2 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54140 – nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
https://notcve.org/view.php?id=CVE-2023-54140
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that mark_buffer_dirty() called from __nilfs_mark_inode_dirty() or nilfs_palloc_commit_alloc_entry() may output a kernel warning, and can panic if the kernel is booted with panic_on_warn. This is because nilfs2 keeps buffer pointers in local structures for some metadata and reuses them, but such buffers may be fo... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54136 – serial: sprd: Fix DMA buffer leak issue
https://notcve.org/view.php?id=CVE-2023-54136
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns failure to avoid memory leak. • https://git.kernel.org/stable/c/f4487db58eb780a52d768f3b36aaaa8fd5839215 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54134 – autofs: fix memory leak of waitqueues in autofs_catatonic_mode
https://notcve.org/view.php?id=CVE-2023-54134
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 (size 96): comm "syz-executor399", pid 3631, jiffies 4294964921 (age 23.870s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 9e 27 0b 81 88 ff ff ..........'..... 08 9e 27 0b 81 88 ff ff 00 00 00 00 00 00 00 00 ..'............. backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54132 – erofs: stop parsing non-compact HEAD index if clusterofs is invalid
https://notcve.org/view.php?id=CVE-2023-54132
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image [1] with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 ~ lclustersize-1, which causes the following unexpected behavior as below: BUG: unable to handle page fault for address: fffff52101a3fff9 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 23ffed067 P4D 23ffed067 PUD 0... • https://git.kernel.org/stable/c/02827e1796b33f1794966f5c3101f8da2dfa9c1d •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54130 – hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
https://notcve.org/view.php?id=CVE-2023-54130
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling Commit 55d1cbbbb29e ("hfs/hfsplus: use WARN_ON for sanity check") fixed a build warning by turning a comment into a WARN_ON(), but it turns out that syzbot then complains because it can trigger said warning with a corrupted hfs image. The warning actually does warn about a bad situation, but we are much better off just handling it as the error it is. So rather than war... • https://git.kernel.org/stable/c/55d1cbbbb29e6656c662ee8f73ba1fc4777532eb •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54129 – octeontx2-af: Add validation for lmac type
https://notcve.org/view.php?id=CVE-2023-54129
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon physical link change, firmware reports to the kernel about the change along with the details like speed, lmac_type_id, etc. Kernel derives lmac_type based on lmac_type_id received from firmware. In a few scenarios, firmware returns an invalid lmac_type_id, which is resulting in below kernel panic. This patch adds the missing validation of the lmac_type_id field. Internal error: Oops: 96000005 ... • https://git.kernel.org/stable/c/61071a871ea6eb2125ece91c1a0dbb124a318c8a •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54127 – fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount()
https://notcve.org/view.php?id=CVE-2023-54127
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slab_free mm/slub.c:3787 [inline] BUG: KASAN: double-free in __kmem_cache_free+0x71/0x110 mm/slub.c:3800 Free of addr ffff888086408000 by task syz-executor.4/12750 [...] Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54126 – crypto: safexcel - Cleanup ring IRQ workqueues on load failure
https://notcve.org/view.php?id=CVE-2023-54126
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the affinity and workqueues on a failure to load the driver. crypto-safexcel: probe of f2800000.crypto failed with error -2 ------------[ cut here ]------------ WARNING: CPU: 1 PID: 232 at kernel/irq/manage.c:1913 free_irq... • https://git.kernel.org/stable/c/1b44c5a60c137e5fd0c2c8b86e58fdbc9cd181ce •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54125 – fs/ntfs3: Return error for inconsistent extended attributes
https://notcve.org/view.php?id=CVE-2023-54125
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return a proper error code for the inconsistent attributes, which might lead to unpredicted memory accesses after return. [ 138.916927] BUG: KASAN: use-after-free in ntfs_set_ea+0x453/0xbf0 [ 138.923876] Write of size 4 at addr ffff88800205... • https://git.kernel.org/stable/c/1474098b590a426d90f27bb992f17c326e0b60c1 •