CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54229 – wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range
https://notcve.org/view.php?id=CVE-2023-54229
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: WARNING: CPU: 2 PID: 106 at net/wireless/core.c:907 wiphy_register+0x914/0x954 Modules linked in: ath11k_pci sbsa_gwdt CPU: 2 PID: 106 Comm: kworker/u8:5 Not tainted 6.3.0-rc7-next-20230418-00549-g1e096a17625a-dirty #9 Hardware name: Fre... • https://git.kernel.org/stable/c/22eeadcdeab63e88983401f699f61a0121c03a0d •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54226 – af_unix: Fix data races around sk->sk_shutdown.
https://notcve.org/view.php?id=CVE-2023-54226
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_poll() read it locklessly. We need to annotate the writes and reads with WRITE_ONCE() and READ_ONCE(). BUG: KCSAN: data-race in unix_poll / unix_release_sock write to 0xffff88800d0f8aec of 1 bytes by task 264 on cpu 0: unix_release_sock... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54224 – btrfs: fix lockdep splat and potential deadlock after failure running delayed items
https://notcve.org/view.php?id=CVE-2023-54224
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to insert/update/delete the delayed items. However if have an error during the insertions for example, btrfs_insert_delayed_items() may return with a path that has locked extent buffers (a leaf at the very least), and then we attempt to relea... • https://git.kernel.org/stable/c/506650dcb3a716ad98681f7091ba2f8e748c04b8 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54220 – serial: 8250: Fix oops for port->pm on uart_change_pm()
https://notcve.org/view.php?id=CVE-2023-54220
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading the driver. This happens on uart_hangup() calling uart_change_pm(). Turns out commit 04e82793f068 ("serial: 8250: Reinit port->pm on port specific driver unbind") was only a partial fix. If the hardware specific driver has initialized... • https://git.kernel.org/stable/c/490bf37eaabb0a857ed1ae8e75d8854e41662f1c •
CVSS: -EPSS: 0%CPEs: 10EXPL: 0CVE-2023-54219 – Revert "IB/isert: Fix incorrect release of isert connection"
https://notcve.org/view.php?id=CVE-2023-54219
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. ------------[ cut here ]------------ WARNING: CPU: 52 PID: 2117247 at drivers/infiniband/core/cq.c:359 ib_cq_pool_cleanup+0xac/0xb0 [ib_core] Modules linked in: nfsd nfs_acl target_core_user uio tcm_fc libfc scsi_transport_fc tcm_loop target_cor... • https://git.kernel.org/stable/c/ccf5a1b28e2b73952e8d23126fa1abc6ff99de55 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54218 – net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
https://notcve.org/view.php?id=CVE-2023-54218
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). KCSAN found a data race in sock_recv_cmsgs() where the read access to sk->sk_stamp needs READ_ONCE(). BUG: KCSAN: data-race in packet_recvmsg / packet_recvmsg write (marked) to 0xffff88803c81f258 of 8 bytes by task 19171 on cpu 0: sock_write_timestamp include/net/sock.h:2670 [inline] sock_recv_cmsgs include/net/sock.h:2722 [inline] packet_recvmsg+0xb97/0xd00 net/packet/af_packet.c:... • https://git.kernel.org/stable/c/6c7c98bad4883a4a8710c96b2b44de482865eb6e •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54214 – Bluetooth: L2CAP: Fix potential user-after-free
https://notcve.org/view.php?id=CVE-2023-54214
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling alloc_skb which may release the chan lock and reacquire later which makes it possible that the chan is disconnected in the meantime. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/a6a5568c03c4805d4d250f6bd9d468eeeb4ea059 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54213 – USB: sisusbvga: Add endpoint checks
https://notcve.org/view.php?id=CVE-2023-54213
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID: 26 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504 Modules linked in: CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 6.2.0-rc5-syzkaller-00199-g5af6ce704936 #0 Hardware name: Google Google Compute E... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54211 – tracing: Fix warning in trace_buffered_event_disable()
https://notcve.org/view.php?id=CVE-2023-54211
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix warning in trace_buffered_event_disable() Warning happened in trace_buffered_event_disable() at WARN_ON_ONCE(!trace_buffered_event_ref) Call Trace: ? __warn+0xa5/0x1b0 ? trace_buffered_event_disable+0x189/0x1b0 __ftrace_event_enable_disable+0x19e/0x3e0 free_probe_data+0x3b/0xa0 unregister_ftrace_function_probe_func+0x6b8/0x800 event_enable_func+0x2f0/0x3d0 ftrace_process_regex.isra.0+0x12d/0x1b0 ftrace_filter_write+0xe6/0x140 v... • https://git.kernel.org/stable/c/0fc1b09ff1ff404ddf753f5ffa5cd0adc8fdcdc9 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54208 – media: ov5675: Fix memleak in ov5675_init_controls()
https://notcve.org/view.php?id=CVE-2023-54208
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675_init_controls() There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 (size 16): comm "python3", pid 277, jiffies 4294832798 (age 20.722s) hex dump (first 16 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000abe7d67c>] __kmalloc_node+0x44/0x1b0 [<000000008a725aac>] kvmalloc_node+0x34... • https://git.kernel.org/stable/c/bf27502b1f3bf8095bf81736e506d354a2ce9ec4 •