CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54124 – f2fs: fix to drop all dirty pages during umount() if cp_error is set
https://notcve.org/view.php?id=CVE-2023-54124
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount() if cp_error is set xfstest generic/361 reports a bug as below: f2fs_bug_on(sbi, sbi->fsync_node_num); kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fs_put_super+0x3a8/0x3b0 Call Trace: generic_shutdown_super+0x8c/0x1b0 kill_block_super+0x2b/0x60 kill_f2fs_super+0x87/0x110 deactivate_locked_super+0x39/0x80 deactivate_super+0x46/0x50 cleanup_mnt+0x109/0x170 __cleanup_mnt+0x16/0x20 task_work_... • https://git.kernel.org/stable/c/92575f05a32dafb16348bfa5e62478118a9be069 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54123 – md/raid10: fix memleak for 'conf->bio_split'
https://notcve.org/view.php?id=CVE-2023-54123
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak for 'conf->bio_split' In the error path of raid10_run(), 'conf' need be freed, however, 'conf->bio_split' is missed and memory will be leaked. Since there are 3 places to free 'conf', factor out a helper to fix the problem. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak for 'conf->bio_split' In the error path of raid10_run(), 'conf' need be freed, however, 'conf->bio_split' ... • https://git.kernel.org/stable/c/fc9977dd069e4f82fcacb262652117c488647319 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54122 – drm/msm/dpu: Add check for cstate
https://notcve.org/view.php?id=CVE-2023-54122
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in __drm_atomic_helper_crtc_reset. Patchwork: https://patchwork.freedesktop.org/patch/514163/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in or... • https://git.kernel.org/stable/c/1cff7440a86e04a613665803b42034c467f035fa •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54121 – btrfs: fix incorrect splitting in btrfs_drop_extent_map_range
https://notcve.org/view.php?id=CVE-2023-54121
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add_extent_mapping() for our second split. Consider the following extent map layout PINNED [0 16K) [32K, 48K) and then we call btrfs_drop_extent_map_range for [0, 36K), with skip_pinned == true. The initial loop will have start = 0 end =... • https://git.kernel.org/stable/c/55ef68990029fcd8d04d42fc184aa7fb18cf309e •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54120 – Bluetooth: Fix race condition in hidp_session_thread
https://notcve.org/view.php?id=CVE-2023-54120
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to use-after-free. For instance, the timer is active while hidp_del_timer is called in hidp_session_thread(). After hidp_session_put, then 'session' will be freed, causing kernel panic when hidp_idle_timeout is running. The solution is to use del_timer_sync instead of del_timer. Here is the call trace: ? • https://git.kernel.org/stable/c/152f47bd6b995e0e98c85672f6d19894bc287ef2 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54119 – inotify: Avoid reporting event with invalid wd
https://notcve.org/view.php?id=CVE-2023-54119
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 and reports this value to userspace which can confuse the inotify listener. Avoid the problem by validating that wd is sensible (and pretend the mark got removed before the event got generated otherwise). In the Linux kernel, the follow... • https://git.kernel.org/stable/c/7e790dd5fc937bc8d2400c30a05e32a9e9eef276 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54118 – serial: sc16is7xx: setup GPIO controller later in probe
https://notcve.org/view.php?id=CVE-2023-54118
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before the sc16is7xx device has finished initialising. This issue manifests itself as an Oops when the GPIO lines are configured: Unable to handle kernel read from unreadable memory at virtual address ... pc : sc16is7xx_gpio... • https://git.kernel.org/stable/c/17b96b5c19bec791b433890549e44ca523dc82aa •
CVSS: 5.6EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54115 – pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
https://notcve.org/view.php?id=CVE-2023-54115
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing a memory leak observable with kmemleak: unreferenced object 0xc28d1000 (size 64): comm "systemd-udevd", pid 297, jiffies 4294898478 (age 194.484s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 f0 85 0e c3 00 00 00 00 ............... • https://git.kernel.org/stable/c/bde0b6da7bd893c37afaee3555cc3ac3be582313 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54114 – net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
https://notcve.org/view.php?id=CVE-2023-54114
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong skb->mac_header in nsh_gso_segment(): invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 3 PID: 2737 Comm: syz Not tainted 6.3.0-next-20230505 #1 RIP: 0010:skb_panic+0xda/0xe0 call Trace: skb_push+0x91/0xa0 nsh_gso_segment+0x4f3/0x570 skb_mac_gso_segment+0x19e/0x270 __skb_gso_segment+0x1e8/0x3c0 validate_xmit_skb+... • https://git.kernel.org/stable/c/c411ed854584a71b0e86ac3019b60e4789d88086 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54112 – kcm: Fix memory leak in error path of kcm_sendmsg()
https://notcve.org/view.php?id=CVE-2023-54112
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 4294943306 (age 13.680s) hex dump (first 32 bytes): 00 89 08 0b 81 88 ff ff 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [