CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50327 – ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
https://notcve.org/view.php?id=CVE-2022-50327
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subject and changelog edits, added empty line after if () ] In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could ... • https://git.kernel.org/stable/c/8e8b5f12ee4ab6f5d252c9ca062a4ada9554e6d9 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50324 – mtd: maps: pxa2xx-flash: fix memory leak in probe
https://notcve.org/view.php?id=CVE-2022-50324
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a memory leak. [<miquel.raynal@bootlin.com>: Reword the commit log] • https://git.kernel.org/stable/c/e644f7d6289456657996df4192de76c5d0a9f9c7 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50320 – ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address
https://notcve.org/view.php?id=CVE-2022-50320
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table which contains invalid physical addresses, with high bits set which fall outside the range of the CPU-s supported physical address range. Calling acpi_os_map_memory() on such an invalid phys address leads to the below WARN_ON in ioremap triggering resulting in an oops/stacktrace. Add code to ver... • https://git.kernel.org/stable/c/30eca146c89d216dda95868ce00a2d35cf73d5a4 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53257 – wifi: mac80211: check S1G action frame size
https://notcve.org/view.php?id=CVE-2023-53257
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame. • https://git.kernel.org/stable/c/fedd9377dd9c71a950d432fbe1628eebfbed70a1 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53254 – cacheinfo: Fix shared_cpu_map to handle shared caches at different levels
https://notcve.org/view.php?id=CVE-2023-53254
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels The cacheinfo sets up the shared_cpu_map by checking whether the caches with the same index are shared between CPUs. However, this will trigger slab-out-of-bounds access if the CPUs do not have the same cache hierarchy. Another problem is the mismatched shared_cpu_map when the shared cache does not have the same index between CPUs. CPU0 I D L3 index 0 1 2 x ^ ^ ^ ^ in... • https://git.kernel.org/stable/c/2f588d0345d69a35e451077afed428fd057a5e34 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53247 – btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
https://notcve.org/view.php?id=CVE-2023-53247
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand While trying to get the subpage blocksize tests running, I hit the following panic on generic/476 assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 kernel BUG at fs/btrfs/subpage.c:229! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP CPU: 1 PID: 1453 Comm: fsstress Not tainted 6.4.0-rc7+ #12 Hardware name: QEMU KVM Virtual Machine, BIOS e... • https://git.kernel.org/stable/c/0a5e0bc8e8618e32a6ca64450867628eb0a627bf •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53246 – cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
https://notcve.org/view.php?id=CVE-2023-53246
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL When compiled with CONFIG_CIFS_DFS_UPCALL disabled, cifs_dfs_d_automount is NULL. cifs.ko logic for mapping CIFS_FATTR_DFS_REFERRAL attributes to S_AUTOMOUNT and corresponding dentry flags is retained regardless of CONFIG_CIFS_DFS_UPCALL, leading to a NULL pointer dereference in VFS follow_automount() when traversing a DFS referral link: BUG: kernel NULL pointer dereference, addres... • https://git.kernel.org/stable/c/8cd7dbc9c46d51e00a0a8372e07cc1cbb8d24a77 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53244 – media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish
https://notcve.org/view.php?id=CVE-2023-53244
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer buf->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71. We believe t... • https://git.kernel.org/stable/c/dcf632bca424e6ff8c8eb89c96694e7f05cd29b6 •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50315 – ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
https://notcve.org/view.php?id=CVE-2022-50315
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS UBSAN complains about array-index-out-of-bounds: [ 1.980703] kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 [ 1.980709] kernel: index 15 is out of range for type 'ahci_em_priv [8]' [ 1.980713] kernel: CPU: 0 PID: 209 Comm: scsi_eh_8 Not tainted 5.15.0-25-generic #25-Ubuntu [ 1.980716] kernel: Hardware name: System manufacturer Sy... • https://git.kernel.org/stable/c/f70bd4339cb68bc7e206af4c922bc0d249244403 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50314 – nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
https://notcve.org/view.php?id=CVE-2022-50314
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbd_start_device_ioctl() syzbot reported hung task [1]. The following program is a simplified version of the reproducer: int main(void) { int sv[2], fd; if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 1; if ((fd = open("/dev/nbd0", 0)) < 0) return 1; if (ioctl(fd, NBD_SET_SIZE_BLOCKS, 0x81) < 0) return 1; if (ioctl(fd, NBD_SET_SOCK, sv[0]) < 0) return 1; if (ioctl(fd, NBD_DO_IT) < 0) return 1; re... • https://git.kernel.org/stable/c/3ba3846cb3e2fb3c6fbf79e998472821b298419e •