CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54140 – nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
https://notcve.org/view.php?id=CVE-2023-54140
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that mark_buffer_dirty() called from __nilfs_mark_inode_dirty() or nilfs_palloc_commit_alloc_entry() may output a kernel warning, and can panic if the kernel is booted with panic_on_warn. This is because nilfs2 keeps buffer pointers in local structures for some metadata and reuses them, but such buffers may be fo... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54139 – tracing/user_events: Ensure write index cannot be negative
https://notcve.org/view.php?id=CVE-2023-54139
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing/user_events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write() calls as the first 4 bytes. Ensure that it cannot be negative by returning -EINVAL to prevent out of bounds accesses. Update ftrace self-test to ensure this occurs properly. In the Linux kernel, the following vulnerability has been resolved: traci... • https://git.kernel.org/stable/c/7f5a08c79df35e68f1a43033450c5050f12bc155 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54138 – drm/msm: fix NULL-deref on irq uninstall
https://notcve.org/view.php?id=CVE-2023-54138
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork: https://patchwork.freedesktop.org/patch/525104/ In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not us... • https://git.kernel.org/stable/c/f026e431cf861197dc03217d1920b38b80b31dd9 •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54137 – vfio/type1: fix cap_migration information leak
https://notcve.org/view.php?id=CVE-2023-54137
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix cap_migration information leak Fix an information leak where an uninitialized hole in struct vfio_iommu_type1_info_cap_migration on the stack is exposed to userspace. The definition of struct vfio_iommu_type1_info_cap_migration contains a hole as shown in this pahole(1) output: struct vfio_iommu_type1_info_cap_migration { struct vfio_info_cap_header header; /* 0 8 */ __u32 flags; /* 8 4 */ /* XXX 4 bytes hole, try to pack */... • https://git.kernel.org/stable/c/ad721705d09c62f0d108a6b4f59867ebfd592c90 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54136 – serial: sprd: Fix DMA buffer leak issue
https://notcve.org/view.php?id=CVE-2023-54136
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns failure to avoid memory leak. • https://git.kernel.org/stable/c/f4487db58eb780a52d768f3b36aaaa8fd5839215 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54135 – maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()
https://notcve.org/view.php?id=CVE-2023-54135
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extends to the last slot in the node, in which case the node maximum should be used as the end pivot. akpm: this doesn't affect any current callers, but new users of mapletree may encounter this problem if backporte... • https://git.kernel.org/stable/c/54a611b605901c7d5d05b6b8f5d04a6ceb0962aa •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54134 – autofs: fix memory leak of waitqueues in autofs_catatonic_mode
https://notcve.org/view.php?id=CVE-2023-54134
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 (size 96): comm "syz-executor399", pid 3631, jiffies 4294964921 (age 23.870s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 9e 27 0b 81 88 ff ff ..........'..... 08 9e 27 0b 81 88 ff ff 00 00 00 00 00 00 00 00 ..'............. backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54132 – erofs: stop parsing non-compact HEAD index if clusterofs is invalid
https://notcve.org/view.php?id=CVE-2023-54132
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image [1] with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 ~ lclustersize-1, which causes the following unexpected behavior as below: BUG: unable to handle page fault for address: fffff52101a3fff9 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 23ffed067 P4D 23ffed067 PUD 0... • https://git.kernel.org/stable/c/02827e1796b33f1794966f5c3101f8da2dfa9c1d •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54131 – wifi: rt2x00: Fix memory leak when handling surveys
https://notcve.org/view.php?id=CVE-2023-54131
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: Fix memory leak when handling surveys When removing a rt2x00 device, its associated channel surveys are not freed, causing a memory leak observable with kmemleak: unreferenced object 0xffff9620f0881a00 (size 512): comm "systemd-udevd", pid 2290, jiffies 4294906974 (age 33.768s) hex dump (first 32 bytes): 70 44 12 00 00 00 00 00 92 8a 00 00 00 00 00 00 pD.............. 00 00 00 00 00 00 00 00 ab 87 01 00 00 00 00 00 .............. • https://git.kernel.org/stable/c/5447626910f5b8d964761ed4fa4feaf1a3ac47d0 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54130 – hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling
https://notcve.org/view.php?id=CVE-2023-54130
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling Commit 55d1cbbbb29e ("hfs/hfsplus: use WARN_ON for sanity check") fixed a build warning by turning a comment into a WARN_ON(), but it turns out that syzbot then complains because it can trigger said warning with a corrupted hfs image. The warning actually does warn about a bad situation, but we are much better off just handling it as the error it is. So rather than war... • https://git.kernel.org/stable/c/55d1cbbbb29e6656c662ee8f73ba1fc4777532eb •