CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50739 – fs/ntfs3: Add null pointer check for inode operations
https://notcve.org/view.php?id=CVE-2022-50739
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the i_op pointer of the inode which is returned after reading Root directory MFT record. We should check the i_op is valid before trying to create the root dentry, otherwise we may encounter a NPD while mounting a image with a funny Root directory MFT record. [ 114.484325] BUG: kernel NULL pointer dereference, address: 0000000000000008 [ 114.484811] #PF: supe... • https://git.kernel.org/stable/c/82cae269cfa953032fbb8980a7d554d60fb00b17 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50738 – vhost-vdpa: fix an iotlb memory leak
https://notcve.org/view.php?id=CVE-2022-50738
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix an iotlb memory leak Before commit 3d5698793897 ("vhost-vdpa: introduce asid based IOTLB") we called vhost_vdpa_iotlb_unmap(v, iotlb, 0ULL, 0ULL - 1) during release to free all the resources allocated when processing user IOTLB messages through vhost_vdpa_process_iotlb_update(). That commit changed the handling of IOTLB a bit, and we accidentally removed some code called during the release. We partially fixed this with commi... • https://git.kernel.org/stable/c/3d5698793897a2b9c0060d899881d1a0591630d5 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50737 – fs/ntfs3: Validate index root when initialize NTFS security
https://notcve.org/view.php?id=CVE-2022-50737
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS security This enhances the sanity check for $SDH and $SII while initializing NTFS security, guarantees these index root are legit. [ 162.459513] BUG: KASAN: use-after-free in hdr_find_e.isra.0+0x10c/0x320 [ 162.460176] Read of size 2 at addr ffff8880037bca99 by task mount/243 [ 162.460851] [ 162.461252] CPU: 0 PID: 243 Comm: mount Not tainted 6.0.0-rc7 #42 [ 162.461744] Hardware name: QEMU ... • https://git.kernel.org/stable/c/82cae269cfa953032fbb8980a7d554d60fb00b17 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54077 – fs/ntfs3: Fix memory leak if ntfs_read_mft failed
https://notcve.org/view.php?id=CVE-2023-54077
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfs_read_mft failed Label ATTR_ROOT in ntfs_read_mft() sets is_root = true and ni->ni_flags |= NI_FLAG_DIR, then next attr will goto label ATTR_ALLOC and alloc ni->dir.alloc_run. However two states are not always consistent and can make memory leak. 1) attr_name in ATTR_ROOT does not fit the condition it will set is_root = true but NI_FLAG_DIR is not set. 2) next attr_name in ATTR_ALLOC fits the condition and a... • https://git.kernel.org/stable/c/82cae269cfa953032fbb8980a7d554d60fb00b17 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54076 – smb: client: fix missed ses refcounting
https://notcve.org/view.php?id=CVE-2023-54076
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the next call to cifs_put_smb_ses() and thus potentially causing an use-after-free bug. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper t... • https://git.kernel.org/stable/c/8e3554150d6c80a84b3cb046615d1a0e943811dc •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54075 – ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info
https://notcve.org/view.php?id=CVE-2023-54075
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info Add missing of_node_put()s before the returns to balance of_node_get()s and of_node_put()s, which may get unbalanced in case the for loop 'for_each_available_child_of_node' returns early. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info Add missing of_node_put()s before the returns to balance o... • https://git.kernel.org/stable/c/4302187d955f166c03b4fa7c993b89ffbabfca4e •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54074 – net/mlx5e: Use correct encap attribute during invalidation
https://notcve.org/view.php?id=CVE-2023-54074
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of post action infrastructure most of the users of encap attribute had been modified in order to obtain the correct attribute by calling mlx5e_tc_get_encap_attr() helper instead of assuming encap action is always on default attribute. However, the cited commit didn't modify mlx5e_invalidate_encap() which prevents it from destroying correct modify header action whic... • https://git.kernel.org/stable/c/8300f225268be9ee2c0daf5a3f23929fcdcbf213 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54073 – tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
https://notcve.org/view.php?id=CVE-2023-54073
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site The following crash was reported: [ 1950.279393] list_del corruption, ffff99560d485790->next is NULL [ 1950.279400] ------------[ cut here ]------------ [ 1950.279401] kernel BUG at lib/list_debug.c:49! [ 1950.279405] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 1950.279407] CPU: 11 PID: 5886 Comm: modprobe Tainted: G O 6.2.8_1 #1 [ 1950.279409] Hardware name: Gigabyt... • https://git.kernel.org/stable/c/b006c439d58db625318bf2207feabf847510a8a6 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54072 – ALSA: pcm: Fix potential data race at PCM memory allocation helpers
https://notcve.org/view.php?id=CVE-2023-54072
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper lock and the allocation isn't serialized; this allows user to allocate more memories than predefined max size. Practically seen, this isn't really a big problem, as it's more or less some "soft limit" as a sanity check, and it's not pos... • https://git.kernel.org/stable/c/7e1d1456c8db9949459c5a24e8845cfe92430b0f •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54071 – wifi: rtw88: use work to update rate to avoid RCU warning
https://notcve.org/view.php?id=CVE-2023-54071
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use work to update rate to avoid RCU warning The ieee80211_ops::sta_rc_update must be atomic, because ieee80211_chan_bw_change() holds rcu_read lock while calling drv_sta_rc_update(), so create a work to do original things. Voluntary context switch within RCU read-side critical section! WARNING: CPU: 0 PID: 4621 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x571/0x5d0 CPU: 0 PID: 4621 Comm: kworker/u16:2 Tainted: G W... • https://git.kernel.org/stable/c/c1edc86472fc3a5aa3b5c5c53c4e20f6a24992a6 •