CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54045 – audit: fix possible soft lockup in __audit_inode_child()
https://notcve.org/view.php?id=CVE-2023-54045
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y && CONFIG_PREEMPTION=n 2. auditctl -a exit,always -S open -k key 3. sysctl -w kernel.watchdog_thresh=5 4. mkdir /sys/kernel/debug/tracing/instances/test There may be a soft lockup as follows: watchdog: BUG: soft lockup - CPU#45 stuck for 7... • https://git.kernel.org/stable/c/5195d8e217a78697152d64fc09a16e063a022465 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54044 – spmi: Add a check for remove callback when removing a SPMI driver
https://notcve.org/view.php?id=CVE-2023-54044
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observed when removing the QCOM SPMI PMIC driver: dump_backtrace.cfi_jt+0x0/0x8 dump_stack_lvl+0xd8/0x16c panic+0x188/0x498 __cfi_slowpath+0x0/0x214 __cfi_slowpath+0x1dc/0x214 spmi_drv_remove+0x16c/0x1e0 device_release_dr... • https://git.kernel.org/stable/c/5a86bf343976b9c8ab2f240bc866451fa67e5573 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50733 – usb: idmouse: fix an uninit-value in idmouse_open
https://notcve.org/view.php?id=CVE-2022-50733
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitialized. And the check for valid image incurs an uninitialized dereference. Fix this by moving the check before reset label since this check only be valid if the data after bulk_in_buffer[HEADER] has concrete data. Note that this is found... • https://git.kernel.org/stable/c/4244f72436ab77c3c29a6447af81734ab3925d85 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50732 – staging: rtl8192u: Fix use after free in ieee80211_rx()
https://notcve.org/view.php?id=CVE-2022-50732
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. The SUSE Linux Enterprise 15 SP5 RT kernel w... • https://git.kernel.org/stable/c/8fc8598e61f6f384f3eaf1d9b09500c12af47b37 •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50728 – s390/lcs: Fix return type of lcs_start_xmit()
https://notcve.org/view.php?id=CVE-2022-50728
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to catch these at ... • https://git.kernel.org/stable/c/dc1f8bf68b311b1537cb65893430b6796118498a •
CVSS: 5.6EPSS: 0%CPEs: 11EXPL: 0CVE-2022-50724 – regulator: core: fix resource leak in regulator_register()
https://notcve.org/view.php?id=CVE-2022-50724
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/pmic@64/regulators/buck1 unreferenced object 0xffff88810deea000 (size 512): comm "490-i2c-rt5190a", pid 253, jiffies 4294859840 (age 5061.046s) hex dump (first 32 bytes): 0... • https://git.kernel.org/stable/c/0120ec32a7774b5061ced1a9a7ff833edd8b4cb6 •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50720 – x86/apic: Don't disable x2APIC if locked
https://notcve.org/view.php?id=CVE-2022-50720
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor of one that uses MSRs. The APIC mode is controlled by the EXT bit in the APIC MSR. The MMIO/xAPIC interface has some problems, most notably the APIC LEAK [1]. This bug allows an attacker to use the APIC MMIO in... • https://git.kernel.org/stable/c/fb209bd891645bb87b9618b724f0b4928e0df3de •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50719 – ALSA: line6: fix stack overflow in line6_midi_transmit
https://notcve.org/view.php?id=CVE-2022-50719
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device. In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer ove... • https://git.kernel.org/stable/c/f2459201c72e8f8553644505eed19954d4c3a023 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50716 – wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
https://notcve.org/view.php?id=CVE-2022-50716
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ================================================================== [ 38.963216][ C3] BUG: KASAN: use-after-free in ar5523_cmd_tx_cb+0x220/0x240 [ 38.964950][ C3] Read of size 8 at addr ffff888048e03450 by task swapper/3/0 [ 38.966363][ C3] [ 38.967053][ C3] CPU: 3 PID: 0 Comm: swapper/3 Not tain... • https://git.kernel.org/stable/c/b7d572e1871df06a96a1c9591c71c5494ff6b624 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-50715 – md/raid1: stop mdx_raid1 thread when raid1 array run failed
https://notcve.org/view.php?id=CVE-2022-50715
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have been released. it will caused a NULL dereference when we do poweroff. This causes the following Oops: [ 287.587787] BUG: kernel NULL pointer dereference, address: 0000000000000070 [ 287.594762] #PF: supervisor read access in kernel m... • https://git.kernel.org/stable/c/5bad5054ecd83c866502f0370edfc9aa55dc9aa7 •