CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54069 – ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
https://notcve.org/view.php?id=CVE-2023-54069
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if ac_g_ex.fe_logical is 4294965248 and ac_orig_goal_len is 2048, then the computed end is 0x100000000, which is 0. If ac->ac_o_ex.fe_logical is not the first case of adjusting the best extent, that is, new_bex_end > 0, the following BUG_ON will be ... • https://git.kernel.org/stable/c/8659c5f4ffaacbe932849b98462c3d635b4eacea •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54067 – btrfs: fix race when deleting free space root from the dirty cow roots list
https://notcve.org/view.php?id=CVE-2023-54067
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting free space root from the dirty cow roots list When deleting the free space tree we are deleting the free space root from the list fs_info->dirty_cowonly_roots without taking the lock that protects it, which is struct btrfs_fs_info::trans_lock. This unsynchronized list manipulation may cause chaos if there's another concurrent manipulation of this list, such as when adding a root to it with ctree.c:add_root_to_d... • https://git.kernel.org/stable/c/a5ed91828518ab076209266c2bc510adabd078df •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54064 – ipmi:ssif: Fix a memory leak when scanning for an adapter
https://notcve.org/view.php?id=CVE-2023-54064
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function can be called more than once, and it will leak the adapter name if it had already been set. So check for NULL before setting it. In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanni... • https://git.kernel.org/stable/c/c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54062 – ext4: fix invalid free tracking in ext4_xattr_move_to_block()
https://notcve.org/view.php?id=CVE-2023-54062
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4_xattr_move_to_block() In ext4_xattr_move_to_block(), the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc() if the value is stored in an external inode. So at the end of the function the code tried to check if this was the case by testing entry->e_value_inum. However, at this point, the pointer to the xattr entry is no longer valid, because it was... • https://git.kernel.org/stable/c/c7851208abffe5ae4deb01cf48763911dc14fc67 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54057 – iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter
https://notcve.org/view.php?id=CVE-2023-54057
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter The 'acpiid' buffer in the parse_ivrs_acpihid function may overflow, because the string specifier in the format string sscanf() has no width limitation. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE. In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrs_acpihid ... • https://git.kernel.org/stable/c/ca3bf5d47cec8b7614bcb2e9132c40081d6d81db •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54056 – kheaders: Use array declaration instead of char
https://notcve.org/view.php?id=CVE-2023-54056
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination and source buffers. Defining kernel_headers_data as "char" would trip this check. Since these addresses are treated as byte arrays, define them as arrays (as done everywhere else). This was seen with: $ cat /sys/kernel/kheaders.tar.xz >> /dev/null detected buffer overflow in memcpy kernel BUG at lib/string_helpers.c:1027!... • https://git.kernel.org/stable/c/43d8ce9d65a54846d378545770991e65838981e0 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54053 – wifi: iwlwifi: pcie: fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-54053
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwl_pci_probe() will fail and free the trans, then afterwards iwl_pci_remove() will be called and crash by trying to access trans which is already freed, fix it. iwlwifi 0000:01:00.0: Detected crf-id 0xa5a5a5a2, cnv-id 0xa5a5a5a2 wfpm id 0xa5a5a5a2 iwlwifi 0000:01:00.0: Can't find a correct rfid for crf id 0x5a2 ... BUG: kernel NULL pointer dereference, address: ... • https://git.kernel.org/stable/c/809805a820c6445f7a701ded24fdc6bbc841d1e4 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54051 – net: do not allow gso_size to be set to GSO_BY_FRAGS
https://notcve.org/view.php?id=CVE-2023-54051
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because this magic value is used by the kernel. [1] general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077] CPU: 0 PID: 50... • https://git.kernel.org/stable/c/3953c46c3ac7eef31a9935427371c6f54a22f1ba •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54050 – ubifs: Fix memleak when insert_old_idx() failed
https://notcve.org/view.php?id=CVE-2023-54050
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a memleak for copied up znode: dirty_cow_znode zn = copy_znode(c, znode); err = insert_old_idx(c, zbr->lnum, zbr->offs); if (unlikely(err)) return ERR_PTR(err); // No one refers to zn. Fetch a reproducer in [Link]. Function copy_znode() is split into 2 parts: resource allocation and znode replacement, insert_old_idx() is split in similar way, so resource cleanup co... • https://git.kernel.org/stable/c/1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54049 – rpmsg: glink: Add check for kstrdup
https://notcve.org/view.php?id=CVE-2023-54049
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix ... • https://git.kernel.org/stable/c/b4f8e52b89f69f5563ac4cb9ffdacc4418917af1 •