CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54152 – can: j1939: prevent deadlock by moving j1939_sk_errqueue()
https://notcve.org/view.php?id=CVE-2023-54152
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939_sk_errqueue() This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a net down event. The deadlock involves locks in the following order: 3 j1939_session_list_lock -> active_session_list_lock j1939_session_activate ... j1939_sk_queue_activate_next -> sk_session_queue_lock ... j19... • https://git.kernel.org/stable/c/5b9272e93f2efe3f6cda60cc2c26817b2ce49386 •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54151 – f2fs: Fix system crash due to lack of free space in LFS
https://notcve.org/view.php?id=CVE-2023-54151
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data migration exceeds free space. The reproduction sequence is as follows. - 20GiB capacity block device (null_blk) - format and mount with LFS mode - create a file and write 20,000MiB - 4k random write on full range of... • https://git.kernel.org/stable/c/f4631d295ae3fff9e240ab78dc17f4b83d14f7bc •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54150 – drm/amd: Fix an out of bounds error in BIOS parser
https://notcve.org/view.php?id=CVE-2023-54150
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589 ("drm/amd/display: fix array index out of bound error in bios parser") fixed some of this, but there are two other cases not covered by it. Fix those as well. In the Linux kernel, the following vulnerability has been res... • https://git.kernel.org/stable/c/b8e7589f50b709b647b642531599e70707faf70c •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54149 – net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses
https://notcve.org/view.php?id=CVE-2023-54149
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver (the only one which supports UC filtering and MC filtering) as a DSA master for a random other DSA switch, one can see the following stack trace when the downstream switch ports join a VLAN-aware bridge: ============================= WARNING: suspicious RCU usage ----------------------------- net/8021q/vlan_core.c:238 suspicious rcu_derefere... • https://git.kernel.org/stable/c/64fdc5f341db01200e33105265d4b8450122a82e •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54148 – net/mlx5e: Move representor neigh cleanup to profile cleanup_tx
https://notcve.org/view.php?id=CVE-2023-54148
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, as the flow is duplicated to the peer eswitch, the related neighbour information on the peer uplink representor is created as well. In the cited commit, eswitch devcom unpair is moved to uplink unload API, specifically the profile->cleanup_tx. If there is a encap rule offloaded in ECMP mode, when one eswitch does ... • https://git.kernel.org/stable/c/b17294e7aa8c39dbb9c3e28e2d1983c88b94b387 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54147 – media: platform: mtk-mdp3: Add missing check and free for ida_alloc
https://notcve.org/view.php?id=CVE-2023-54147
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the check for the return value of the ida_alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order to avoid memory leak. In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the check for the return value of the ida_allo... • https://git.kernel.org/stable/c/61890ccaefaff89f5babd2c8412fd222c3f5fe38 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54146 – x86/kexec: Fix double-free of elf header buffer
https://notcve.org/view.php?id=CVE-2023-54146
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"), freeing image->elf_headers in the error path of crash_load_segments() is not needed because kimage_file_post_load_cleanup() will take care of that later. And not clearing it could result in a double-free. Drop the superfluous vfree() call at the error path of crash_load_segments(). In the Linux kernel, the following vulner... • https://git.kernel.org/stable/c/8765a423a87d74ef24ea02b43b2728fe4039f248 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54145 – bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log
https://notcve.org/view.php?id=CVE-2023-54145
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" warning, as verifier has a fixed-sized buffer of 1024 bytes (as of now), and there are at least two pieces of user-provided information that can be output through this buffer, and both can be arbitrarily sized by user: - BTF names; - BTF.ext source code lines strings. Verifier log buffer should be properly sized f... • https://git.kernel.org/stable/c/40c88c429a598006f91ad7a2b89856cd50b3a008 •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54144 – drm/amdkfd: Fix kernel warning during topology setup
https://notcve.org/view.php?id=CVE-2023-54144
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by correctly initializing the p2plink attr before creating the sysfs file: [ +0.002865] ------------[ cut here ]------------ [ +0.002327] kobject: '(null)' (0000000056260cfb): is not initialized, yet kobject_put() is being called. [ +0.004780] WARNING: CPU: 32 PID: 1006 at lib/kobject.c:718 kobject_put+0xaa/0x1c0 [ +0.0... • https://git.kernel.org/stable/c/0f28cca87e9afc22280c44d378d2a6e249933977 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54143 – media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init()
https://notcve.org/view.php?id=CVE-2023-54143
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init() If we encounter any error in the vdec_msg_queue_init() then we need to set "msg_queue->wdma_addr.size = 0;". Normally, this is done inside the vdec_msg_queue_deinit() function. However, if the first call to allocate &msg_queue->wdma_addr fails, then the vdec_msg_queue_deinit() function is a no-op. For that situation, just set the size to zero explicitly and return. There w... • https://git.kernel.org/stable/c/b199fe46f35c57a415acd4d5295b0f4e35048c11 •