CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50849 – pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
https://notcve.org/view.php?id=CVE-2022-50849
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by running 'cat /proc/kcore > /dev/null' on devices using pstore with the ram backend because kmap_atomic() assumes lowmem pages are accessible with __va(). Unable to handle kernel paging request at virtual address ffffff807ff2b000 Mem abort info: ESR = 0x96000006 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 tran... • https://git.kernel.org/stable/c/404a6043385de17273624b076599669db5ad891f •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50848 – drivers: dio: fix possible memory leak in dio_init()
https://notcve.org/view.php?id=CVE-2022-50848
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dio_init() If device_register() returns error, the 'dev' and name needs be freed. Add a release function, and then call put_device() in the error path, so the name is freed in kobject_cleanup() and to the 'dev' is freed in release function. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/2e4c77bea3d8b17d94f8ee382411f359b708560f •
CVSS: -EPSS: 0%CPEs: 10EXPL: 0CVE-2023-54243 – netfilter: ebtables: fix table blob use-after-free
https://notcve.org/view.php?id=CVE-2023-54243
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix table blob use-after-free We are not allowed to return an error at this point. Looking at the code it looks like ret is always 0 at this point, but its not. t = find_table_lock(net, repl->name, &ret, &ebt_mutex); ... this can return a valid table, with ret != 0. This bug causes update of table->private with the new blob, but then frees the blob right away in the caller. Syzbot report: BUG: KASAN: vmalloc-out-of-boun... • https://git.kernel.org/stable/c/c58dd2dd443c26d856a168db108a0cd11c285bf3 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54240 – net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
https://notcve.org/view.php?id=CVE-2023-54240
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() rule_locs is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check before using rule_locs to avoid NULL pointer dereference. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54236 – net/net_failover: fix txq exceeding warning
https://notcve.org/view.php?id=CVE-2023-54236
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/net_failover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary device if the primary device is UP and running. If the primary device txq is bigger than the default 16, it can lead to the following warning: eth0 selects TX queue 18, but real number of TX queues is 16 The warning bac... • https://git.kernel.org/stable/c/cfc80d9a11635404a40199a1c9471c96890f3f74 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54232 – m68k: Only force 030 bus error if PC not in exception table
https://notcve.org/view.php?id=CVE-2023-54232
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table __get_kernel_nofault() does copy data in supervisor mode when forcing a task backtrace log through /proc/sysrq_trigger. This is expected cause a bus error exception on e.g. NULL pointer dereferencing when logging a kernel task has no workqueue associated. This bus error ought to be ignored. Our 030 bus error handler is ill equipped to deal with this: Whenever ssw indicates a kernel... • https://git.kernel.org/stable/c/f2325ecebc5b7988fd49968bd3a660fd1594dc84 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54230 – amba: bus: fix refcount leak
https://notcve.org/view.php?id=CVE-2023-54230
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By using of_node_put to avoid refcount leak. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/5de1540b7bc4c23470f86add1e517be41e7fefe2 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54226 – af_unix: Fix data races around sk->sk_shutdown.
https://notcve.org/view.php?id=CVE-2023-54226
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_poll() read it locklessly. We need to annotate the writes and reads with WRITE_ONCE() and READ_ONCE(). BUG: KCSAN: data-race in unix_poll / unix_release_sock write to 0xffff88800d0f8aec of 1 bytes by task 264 on cpu 0: unix_release_sock... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54220 – serial: 8250: Fix oops for port->pm on uart_change_pm()
https://notcve.org/view.php?id=CVE-2023-54220
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading the driver. This happens on uart_hangup() calling uart_change_pm(). Turns out commit 04e82793f068 ("serial: 8250: Reinit port->pm on port specific driver unbind") was only a partial fix. If the hardware specific driver has initialized... • https://git.kernel.org/stable/c/490bf37eaabb0a857ed1ae8e75d8854e41662f1c •
CVSS: -EPSS: 0%CPEs: 10EXPL: 0CVE-2023-54219 – Revert "IB/isert: Fix incorrect release of isert connection"
https://notcve.org/view.php?id=CVE-2023-54219
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. ------------[ cut here ]------------ WARNING: CPU: 52 PID: 2117247 at drivers/infiniband/core/cq.c:359 ib_cq_pool_cleanup+0xac/0xb0 [ib_core] Modules linked in: nfsd nfs_acl target_core_user uio tcm_fc libfc scsi_transport_fc tcm_loop target_cor... • https://git.kernel.org/stable/c/ccf5a1b28e2b73952e8d23126fa1abc6ff99de55 •