CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54306 – net: tls: avoid hanging tasks on the tx_lock
https://notcve.org/view.php?id=CVE-2023-54306
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took tx_lock and went to sleep may not release tx_lock for hours. Use interruptible sleep where possible and reschedule the work if it can't take the lock. Testing: existing selftest passes • https://git.kernel.org/stable/c/79ffe6087e9145d2377385cac48d0d6a6b4225a5 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54305 – ext4: refuse to create ea block when umounted
https://notcve.org/view.php?id=CVE-2023-54305
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access s_root while it is already set as NULL when umount is triggered. Refuse this request to avoid panic. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/e50e5129f384ae282adebfb561189cdb19b81cee •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54304 – firmware: meson_sm: fix to avoid potential NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-54304
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/8cde3c2153e8f57be884c0e73f18bc4de150e870 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54303 – bpf: Disable preemption in bpf_perf_event_output
https://notcve.org/view.php?id=CVE-2023-54303
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_perf_event_output The nesting protection in bpf_perf_event_output relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpf_perf_event_output can be also called from uprobes context through bpf_prog_run_array_sleepable function which disables migration, but keeps preemption enabled. This can cause task to be preempted by another one inside the nesting protection and lead event... • https://git.kernel.org/stable/c/8c7dcb84e3b744b2b70baa7a44a9b1881c33a9c9 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54302 – RDMA/irdma: Fix data race on CQP completion stats
https://notcve.org/view.php?id=CVE-2023-54302
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_cqp_progress while it can be updated in the completion thread irdma_sc_ccq_get_cqe_info on another CPU as KCSAN reports. Make completion statistics an atomic variable to reflect coherent updates to it. This will also avoid load/store tearing logic bug potentially possible by compiler optimizations. [77346.170861] ... • https://git.kernel.org/stable/c/915cc7ac0f8e2a23675ee896e87f17c7d3c47089 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54301 – serial: 8250_bcm7271: fix leak in `brcmuart_probe`
https://notcve.org/view.php?id=CVE-2023-54301
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250_bcm7271: fix leak in `brcmuart_probe` Smatch reports: drivers/tty/serial/8250/8250_bcm7271.c:1120 brcmuart_probe() warn: 'baud_mux_clk' from clk_prepare_enable() not released on lines: 1032. The issue is fixed by using a managed clock. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/41a469482de257ea8db43cf74b6311bd055de030 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54300 – wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
https://notcve.org/view.php?id=CVE-2023-54300
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx For the reasons also described in commit b383e8abed41 ("wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()"), ath9k_htc_rx_msg() should validate pkt_len before accessing the SKB. For example, the obtained SKB may have been badly constructed with pkt_len = 8. In this case, the SKB can only contain a valid htc_frame_hdr but after being processed in ath9k_htc_rx_msg() a... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54299 – usb: typec: bus: verify partner exists in typec_altmode_attention
https://notcve.org/view.php?id=CVE-2023-54299
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data role swap causes the device to unregister all alt modes, however the usb hub will still send Attention messages even after failing to reregister the Alt Mode. type_altmode_attention currently does not verify whether or not a device's... • https://git.kernel.org/stable/c/8a37d87d72f0c69f837229c04d2fcd7117ea57e7 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54298 – thermal: intel: quark_dts: fix error pointer dereference
https://notcve.org/view.php?id=CVE-2023-54298
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quark_dts: fix error pointer dereference If alloc_soc_dts() fails, then we can just return. Trying to free "soc_dts" will lead to an Oops. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/8c1876939663191b5044807230fa295f35462215 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54297 – btrfs: zoned: fix memory leak after finding block group with super blocks
https://notcve.org/view.php?id=CVE-2023-54297
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At exclude_super_stripes(), if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we error out as this is not supposed to happen, indicating either a bug or maybe some memory corruption for example. However we are exiting the function without freeing the memory allocated for the logical address of the super blocks. Fix... • https://git.kernel.org/stable/c/12659251ca5df05a484eb122c2c34c18d84e797c •