CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54210 – Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor()
https://notcve.org/view.php?id=CVE-2023-54210
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() KASAN reports that there's a use-after-free in hci_remove_adv_monitor(). Trawling through the disassembly, you can see that the complaint is from the access in bt_dev_dbg() under the HCI_ADV_MONITOR_EXT_MSFT case. The problem case happens because msft_remove_monitor() can end up freeing the monitor structure. Specifically: hci_remove_adv_monitor() -> msft_remove_m... • https://git.kernel.org/stable/c/7cf5c2978f23fdbb2dd7b4e8b07e362ae2d8211c •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54209 – block: fix blktrace debugfs entries leakage
https://notcve.org/view.php?id=CVE-2023-54209
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b ("block: remove per-disk debugfs files in blk_unregister_queue") moves blk_trace_shutdown() from blk_release_queue() to blk_unregister_queue(), this is safe if blktrace is created through sysfs, however, there is a regression in corner case. blktrace can still be enabled after del_gendisk() through ioctl if the disk is opened before del_gendisk(), and if blktrace is not shutdow... • https://git.kernel.org/stable/c/99d055b4fd4bbb309c6cdb51a0d420669f777944 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54208 – media: ov5675: Fix memleak in ov5675_init_controls()
https://notcve.org/view.php?id=CVE-2023-54208
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675_init_controls() There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 (size 16): comm "python3", pid 277, jiffies 4294832798 (age 20.722s) hex dump (first 16 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000abe7d67c>] __kmalloc_node+0x44/0x1b0 [<000000008a725aac>] kvmalloc_node+0x34... • https://git.kernel.org/stable/c/bf27502b1f3bf8095bf81736e506d354a2ce9ec4 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54207 – HID: uclogic: Correct devm device reference for hidinput input_dev name
https://notcve.org/view.php?id=CVE-2023-54207
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logi... • https://git.kernel.org/stable/c/cce2dbdf258e6b27b2b100f511531edabb77f427 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54205 – pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
https://notcve.org/view.php?id=CVE-2023-54205
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/d86f4d71e42a9fa1866f030074e54d7571d16ec1 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50847 – drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe
https://notcve.org/view.php?id=CVE-2022-50847
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channel and causes NULL pointer dereference. Initializing the AUX channel earlier to prevent such error. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/b5c84a9edcd418cd055becad6a22439e7c5e3bf8 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50846 – mmc: via-sdmmc: fix return value check of mmc_add_host()
https://notcve.org/view.php?id=CVE-2022-50846
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. In the remove() path, mmc_remove_host() will be called to delete device, but it's not added yet, it will lead a kernel crash because of null-ptr-deref in device_del(). Fix this by checking the return value and goto error path which wil... • https://git.kernel.org/stable/c/f0bf7f61b8405224bc52fc9a3ccd167a68126e00 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50845 – ext4: fix inode leak in ext4_xattr_inode_create() on an error path
https://notcve.org/view.php?id=CVE-2022-50845
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Unattached zero-length inode 15. Clear? no Unattached inode 15 Connect to /lost+found? no Pas... • https://git.kernel.org/stable/c/bd3b963b273e247e13979f98812a6e4979b5c1e4 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50844 – drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
https://notcve.org/view.php?id=CVE-2022-50844
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in c... • https://git.kernel.org/stable/c/8f4828d0a104d961d5eb850d0aef1530fc24e370 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50843 – dm clone: Fix UAF in clone_dtr()
https://notcve.org/view.php?id=CVE-2022-50843
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clone_dtr() Dm_clone also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in clone_dtr(). The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/7431b7835f554f8608b415a02cf3c3f086309e02 •