CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-40334 – drm/amdgpu: validate userq buffer virtual address and size
https://notcve.org/view.php?id=CVE-2025-40334
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq buffer virtual address and size It needs to validate the userq object virtual address to determine whether it is residented in a valid vm mapping. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq buffer virtual address and size It needs to validate the userq object virtual address to determine whether it is residented in a valid vm mapping. • https://git.kernel.org/stable/c/5a577de86c4a1c67ca405571d6ef84e65c6897d1 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-40333 – f2fs: fix infinite loop in __insert_extent_tree()
https://notcve.org/view.php?id=CVE-2025-40333
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding this by return NULL and print some kernel messages in that case. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it w... • https://git.kernel.org/stable/c/765f8816d3959ef1f3f7f85e2af748594d091f40 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-40332 – drm/amdkfd: Fix mmap write lock not release
https://notcve.org/view.php?id=CVE-2025-40332
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svm_range_restore_pages calls mmap_read_unlock then returns. This causes deadlock and system hangs later because mmap read or write lock cannot be taken. Downgrade mmap write lock to read lock if draining retry fault fix this bug. In the Linux kernel, the following vulnerability has been resolved: drm/a... • https://git.kernel.org/stable/c/e2105ba1c262dcaa9573f11844b6e1e1ca762c3f •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53866 – ASoC: soc-compress: Reposition and add pcm_mutex
https://notcve.org/view.php?id=CVE-2023-53866
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: Reposition and add pcm_mutex If panic_on_warn is set and compress stream(DPCM) is started, then kernel panic occurred because card->pcm_mutex isn't held appropriately. In the following functions, warning were issued at this line "snd_soc_dpcm_mutex_assert_held". static int dpcm_be_connect(struct snd_soc_pcm_runtime *fe, struct snd_soc_pcm_runtime *be, int stream) { ... snd_soc_dpcm_mutex_assert_held(fe); ... } void dpcm_... • https://git.kernel.org/stable/c/9576b7ccc20365d27c26c494651c89360a85bbdc •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53863 – netlink: do not hard code device address lenth in fdb dumps
https://notcve.org/view.php?id=CVE-2023-53863
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of a device where dev->addr_len = 4) BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline] BUG: KMSAN: kernel-infoleak in copyout+0xb8/0x100 lib/iov_iter.c:169 instrument_copy_to_user include/linux/instrumented.h:114 [in... • https://git.kernel.org/stable/c/d83b060360485454fcd6870340ec01d6f96f2295 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53862 – hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
https://notcve.org/view.php?id=CVE-2023-53862
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfs_bnode_get() in __hfs_bnode_create Syzbot found a kernel BUG in hfs_bnode_put(): kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kworker/u4:5 Not tainted 6.1.0-rc7-syzkaller-00190-g97ee9d1c1696 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Workqueue: writeback wb_workfn (flush-7:0) RIP: 0010:hfs_bnode_put+0x46f/0x480 fs/hf... • https://git.kernel.org/stable/c/062af3e9930762d1fd22946748d34e0d859e4a8e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53859 – s390/idle: mark arch_cpu_idle() noinstr
https://notcve.org/view.php?id=CVE-2023-53859
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr linux-next commit ("cpuidle: tracing: Warn about !rcu_is_watching()") adds a new warning which hits on s390's arch_cpu_idle() function: RCU not on for: arch_cpu_idle+0x0/0x28 WARNING: CPU: 2 PID: 0 at include/linux/trace_recursion.h:162 arch_ftrace_ops_list_func+0x24c/0x258 Modules linked in: CPU: 2 PID: 0 Comm: swapper/2 Not tainted 6.2.0-rc6-next-20230202 #4 Hardware name: IBM 8561 T01 703 (z/VM 7.3... • https://git.kernel.org/stable/c/49aa49952116b8fd56bfb1e8c69bce179f49bece •
CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53858 – tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error
https://notcve.org/view.php?id=CVE-2023-53858
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. • https://git.kernel.org/stable/c/5f5a7a5578c5885201cf9c85856f023fe8b81765 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53853 – netlink: annotate accesses to nlk->cb_running
https://notcve.org/view.php?id=CVE-2023-53853
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk->cb_running Both netlink_recvmsg() and netlink_native_seq_show() read nlk->cb_running locklessly. Use READ_ONCE() there. Add corresponding WRITE_ONCE() to netlink_dump() and __netlink_dump_start() syzbot reported: BUG: KCSAN: data-race in __netlink_dump_start / netlink_recvmsg write to 0xffff88813ea4db59 of 1 bytes by task 28219 on cpu 0: __netlink_dump_start+0x3af/0x4d0 net/netlink/af_netlink.c:2399 netlin... • https://git.kernel.org/stable/c/16b304f3404f8e0243d5ee2b70b68767b7b59b2b •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53849 – drm/msm: fix workqueue leak on bind errors
https://notcve.org/view.php?id=CVE-2023-53849
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind (e.g. a subcomponent failing to bind). Since commit c3b790ea07a1 ("drm: Manage drm_mode_config_init with drmm_") the mode config will be freed when the drm device is released also when using the legacy interface, but add an explicit cleanup for consistency and to facilitate backporting. Patchwork: https://patchwork.freedesk... • https://git.kernel.org/stable/c/060530f1ea6740eb767085008d183f89ccdd289c •