CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-39812 – sctp: initialize more fields in sctp_v6_from_sk()
https://notcve.org/view.php?id=CVE-2025-39812
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctp_v6_from_sk() syzbot found that sin6_scope_id was not properly initialized, leading to undefined behavior. Clear sin6_scope_id and sin6_flowinfo. BUG: KMSAN: uninit-value in __sctp_v6_cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649 __sctp_v6_cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649 sctp_inet6_cmp_addr+0x4f2/0x510 net/sctp/ipv6.c:983 sctp_bind_addr_conflict+0x22a/0x3b0 net/sctp/bind_addr.c:390 sctp_get_port_local... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2025-39808 – HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
https://notcve.org/view.php?id=CVE-2025-39808
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() in ntrig_report_version(), hdev parameter passed from hid_probe(). sending descriptor to /dev/uhid can make hdev->dev.parent->parent to null if hdev->dev.parent->parent is null, usb_dev has invalid address(0xffffffffffffff58) that hid_to_usb_dev(hdev) returned when usb_rcvctrlpipe() use usb_dev,it trigger page fault error for address(0xffffffffffffff58) add null check... • https://git.kernel.org/stable/c/0277873c05158c5efc97c23d52e6aec6250bde0f •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53302 – wifi: iwl4965: Add missing check for create_singlethread_workqueue()
https://notcve.org/view.php?id=CVE-2023-53302
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethread_workqueue() in order to avoid NULL pointer dereference. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/b481de9ca074528fe8c429604e2777db8b89806a •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53299 – md/raid10: fix leak of 'r10bio->remaining' for recovery
https://notcve.org/view.php?id=CVE-2023-53299
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write() returns without issuing the write io, in this case, end_sync_request() is only called once and 'remaining' is leaked, cause an io hang. Fix the problem by decreasing 'remaining' according to if 'bio' and 'repl_bio' is valid. This update provides... • https://git.kernel.org/stable/c/24afd80d99f80a79d8824d2805114b8b067e9823 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53298 – nfc: fix memory leak of se_io context in nfc_genl_se_io
https://notcve.org/view.php?id=CVE-2023-53298
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfc_genl_se_io and supposed to be eventually freed in se_io_cb callback function. However, there are several error paths where the bwi_timer is not charged to call se_io_cb later, and the cb_context is leaked. The patch proposes to free the cb_context explicitly on those error paths... • https://git.kernel.org/stable/c/5ce3f32b5264b337bfd13a780452a17705307725 •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53297 – Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
https://notcve.org/view.php?id=CVE-2023-53297
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be • CWE-832: Unlock of a Resource that is not Locked •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53295 – udf: Do not update file length for failed writes to inline files
https://notcve.org/view.php?id=CVE-2023-53295
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline data to happen only if the write succeeds. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/5621f7a8139053d0c3c47fb68ee9f602139eb40a •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53292 – blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
https://notcve.org/view.php?id=CVE-2023-53292
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none After grabbing q->sysfs_lock, q->elevator may become NULL because of elevator switch. Fix the NULL dereference on q->elevator by checking it with lock. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/3e977386521b71471e66ec2ba82efdfcc456adf2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53288 – drm/client: Fix memory leak in drm_client_modeset_probe
https://notcve.org/view.php?id=CVE-2023-53288
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm] drm_client_modeset_probe+0x944/0xf50 [drm] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] drm_client_register+0x169/0x240 [drm] ast_pci_probe+0x142/0x190 [as... • https://git.kernel.org/stable/c/5d580017bdb9b3e930b6009e467e5e1589f8ca8a • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53286 – RDMA/mlx5: Return the firmware result upon destroying QP/RQ
https://notcve.org/view.php?id=CVE-2023-53286
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could lead to various problems since when upper layer isn't aware of the failure it continues its operation thinking that the related QP/RQ was successfully destroyed while it actually wasn't, which could lead to the belo... • https://git.kernel.org/stable/c/73311dd831858d797cf8ebe140654ed519b41c36 •