CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54251 – net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
https://notcve.org/view.php?id=CVE-2023-54251
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() called from get_cycle_time_elapsed(), where sched->cycle_time is the divisor. We have tests in parse_taprio_schedule() so that cycle_time will never be 0, and actually cycle_time is not 0 in get_cycle_time_elapsed(). The problem is that the types of divisor are different; cycle_time is s64, but the argument of div_s... • https://git.kernel.org/stable/c/4cfd5779bd6efe8c76b4494aec63a063be0d2ff2 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54250 – ksmbd: avoid out of bounds access in decode_preauth_ctxt()
https://notcve.org/view.php?id=CVE-2023-54250
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decode_preauth_ctxt() Confirm that the accessed pneg_ctxt->HashAlgorithms address sits within the SMB request boundary; deassemble_neg_contexts() only checks that the eight byte smb2_neg_context header + (client controlled) DataLength are within the packet boundary, which is insufficient. Checking for sizeof(struct smb2_preauth_neg_context) is overkill given that the type currently assumes SMB311_SALT_SI... • https://git.kernel.org/stable/c/e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54248 – fs/ntfs3: Add check for kmemdup
https://notcve.org/view.php?id=CVE-2023-54248
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add check for kmemdup Since the kmemdup may return NULL pointer, it should be better to add check for the return value in order to avoid NULL pointer dereference. • https://git.kernel.org/stable/c/b46acd6a6a627d876898e1c84d3f84902264b445 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54247 – bpf: Silence a warning in btf_type_id_size()
https://notcve.org/view.php?id=CVE-2023-54247
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btf_type_id_size() syzbot reported a warning in [1] with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btf_type_id_size+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... RIP: 0010:btf_type_id_size+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... Call Trace:
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54246 – rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()
https://notcve.org/view.php?id=CVE-2023-54246
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeout will trigger when the timeout specified by rcuscale.holdoff is greater than hung_task_timeout_secs: runqemu kvm nographic slirp qemuparams="-smp 4 -m 2048M" bootparams="rcuscale.shutdown=0 rcuscale.holdoff=300" [ 247.071753] INFO: ta... • https://git.kernel.org/stable/c/df37e66bfdbb57e8cae7dbf39a0c66b1b8701338 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54245 – ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
https://notcve.org/view.php?id=CVE-2023-54245
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue: dump_backtrace+0x0/0x4c8 show_stack+0x34/0x44 dump_stack_lvl+0xd8/0x118 print_address_description+0x30/0x2d8 kasan_report+0x158/0x198 __asan_report_load4_noabort+0x44/0x50 regcache_flat_read+0x10c/0x110 regcache_read+0xf4/0x180 _regmap_read+0xc4... • https://git.kernel.org/stable/c/d207bdea0ca9efde321ff142e9b9f2ef73f9cdf5 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54244 – ACPI: EC: Fix oops when removing custom query handlers
https://notcve.org/view.php?id=CVE-2023-54244
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was already unloaded. Fix this by flushing the EC query workqueue when removing custom query handlers. Tested on a Acer Travelmate 4002WLMi The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issu... • https://git.kernel.org/stable/c/a62e8f1978f49e52f87a711ff6711b323d4b12ff •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50872 – ARM: OMAP2+: Fix memory leak in realtime_counter_init()
https://notcve.org/view.php?id=CVE-2022-50872
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/fa6d79d27614223d82418023b7f5300f1a1530d3 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50871 – wifi: ath11k: Fix qmi_msg_handler data structure initialization
https://notcve.org/view.php?id=CVE-2022-50871
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmi_msg_handler data structure initialization qmi_msg_handler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead to infinite loop while searching the handler and therefore out of bound access in qmi_invoke_handler(). Hence update the initialization in qmi_msg_handler data structure. Tested-on: IPQ8074 hw2.0 AHB WLAN.HK.2.5.... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50870 – powerpc/rtas: avoid device tree lookups in rtas_os_term()
https://notcve.org/view.php?id=CVE-2022-50870
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static vari... • https://git.kernel.org/stable/c/088186ded490ced80758200cf8f906ed741df306 •