CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53534 – drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc
https://notcve.org/view.php?id=CVE-2023-53534
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference. In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference. • https://git.kernel.org/stable/c/31c5558dae0513bd2bae33ea37543f584c6c35a5 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53533 – Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe
https://notcve.org/view.php?id=CVE-2023-53533
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths as well. Use devm_rpi_firmware_get() helper to handling the resources. Also remove the existing rpi_firmware_put(). In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths ... • https://git.kernel.org/stable/c/0b9f28fed3f70ff9a0380fe308739dd72a30a6f6 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50486 – net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
https://notcve.org/view.php?id=CVE-2022-50486
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to ... • https://git.kernel.org/stable/c/a447479ea2cf35603b5739ea947885024b901222 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50485 – ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
https://notcve.org/view.php?id=CVE-2022-50485
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad... • https://git.kernel.org/stable/c/2142dfa1de61e25b83198af0308ec7689cca25d3 • CWE-654: Reliance on a Single Factor in a Security Decision •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50484 – ALSA: usb-audio: Fix potential memory leaks
https://notcve.org/view.php?id=CVE-2022-50484
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, when -ENOMEM hits at the middle of the sync EP URB allocation loop, the partially allocated URBs might be left without released, because ep->nurbs is still zero at that point. Fix it by setting ep->nurbs at first, so that the error handle... • https://git.kernel.org/stable/c/0604e5e5537af099ea2f6dfd892afe5c92db8a80 • CWE-911: Improper Update of Reference Count •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50483 – net: enetc: avoid buffer leaks on xdp_do_redirect() failure
https://notcve.org/view.php?id=CVE-2022-50483
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid buffer leaks on xdp_do_redirect() failure Before enetc_clean_rx_ring_xdp() calls xdp_do_redirect(), each software BD in the RX ring between index orig_i and i can have one of 2 refcount values on its page. We are the owner of the current buffer that is being processed, so the refcount will be at least 1. If the current owner of the buffer at the diametrically opposed index in the RX ring (i.o.w, the other half of this page... • https://git.kernel.org/stable/c/9d2b68cc108db2fdb35022ed2d88cfb305c441a6 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50482 – iommu/vt-d: Clean up si_domain in the init_dmars() error path
https://notcve.org/view.php?id=CVE-2022-50482
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there was a failure in init_dmars(), because the iommu_domain cache still had objects. While the mempool code is now gone, there still is a leak of the si_domain memory if init_dmars() fails. So clean up si_domain in the init_dmars() error p... • https://git.kernel.org/stable/c/86080ccc223aabf8d0b85a504f4f06aa88e82fb3 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50481 – cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
https://notcve.org/view.php?id=CVE-2022-50481
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() If device_register() fails in cxl_register_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it will cause a null-ptr-deref because of removing not added device. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So split device_unregister() into device_del() and ... • https://git.kernel.org/stable/c/14baf4d9c739e6e69150512d2eb23c71fffcc192 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50480 – memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
https://notcve.org/view.php?id=CVE-2022-50480
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() The break of for_each_available_child_of_node() needs a corresponding of_node_put() when the reference 'child' is not used anymore. Here we do not need to call of_node_put() in fail path as '!match' means no break. While the of_platform_device_create() will created a new reference by 'child' but it has considered the refcounting. In the Linux kernel, the following vulnerability h... • https://git.kernel.org/stable/c/fee10bd2267868f2a3e7ba008ef7665aac5e4412 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50479 – drm/amd: fix potential memory leak
https://notcve.org/view.php?id=CVE-2022-50479
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/free/kfree/ - Alex In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/free/kfree/ - Alex • https://git.kernel.org/stable/c/3a83e4e64bb1522ddac67ffc787d1c38291e1a65 • CWE-772: Missing Release of Resource after Effective Lifetime •