CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54240 – net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
https://notcve.org/view.php?id=CVE-2023-54240
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() rule_locs is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check before using rule_locs to avoid NULL pointer dereference. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/7aab747e5563ecbc9f3cb64ddea13fe7b9fee2bd •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54239 – iommufd: Check for uptr overflow
https://notcve.org/view.php?id=CVE-2023-54239
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARN_ONs, particularly from pin_user_pages weirdly returning 0 due to invalid arguments. Prevent creating a pages with a uptr and size that would math overflow. WARNING: CPU: 0 PID: 518 at drivers/iommu/iommufd/pages.c:793 pfn_reader_user_pin+0x2e6/0x390 Modules linked in: CPU: 0 PID: 518 Comm: repro Not tainted 6.3.0-rc2-e... • https://git.kernel.org/stable/c/8d160cd4d5066f864ec0f2c981470e55ac03ac27 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54238 – mlx5: fix skb leak while fifo resync and push
https://notcve.org/view.php?id=CVE-2023-54238
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napi_consume nor by dev_kfree_skb_any. Add call to napi_consume_skb to properly free SKBs. Another leak was happening because mlx5e_skb_fifo_has_room() had an error in the check. Comparing free running counters works well unless C promotes the types to something wider than the counter. In this case counters... • https://git.kernel.org/stable/c/58a518948f60153e8f6cb8361d2712aa3a1af94a •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54237 – net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()
https://notcve.org/view.php?id=CVE-2023-54237
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link() There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" #0 [ffff9456c1cc79a0] machine_kexec at ffffffff870665b7 #1 [ffff9456c1cc79f0] __crash_kexec at ffffffff871b4c7a #2 [ffff9456c1cc7ab0] crash_kexec at ffffffff871b5b60 #3 [ffff9456c1cc7ac0] oops_end at ffffffff87026ce7 #4 [ffff9456c1cc7ae0] page_fault_... • https://git.kernel.org/stable/c/2d2209f2018943d4152a21eff5b76f1952e0b435 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54236 – net/net_failover: fix txq exceeding warning
https://notcve.org/view.php?id=CVE-2023-54236
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/net_failover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary device if the primary device is UP and running. If the primary device txq is bigger than the default 16, it can lead to the following warning: eth0 selects TX queue 18, but real number of TX queues is 16 The warning bac... • https://git.kernel.org/stable/c/cfc80d9a11635404a40199a1c9471c96890f3f74 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54235 – PCI/DOE: Fix destroy_work_on_stack() race
https://notcve.org/view.php?id=CVE-2023-54235
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was observed in testing: ODEBUG: free active (active state 0) object: 0000000097d23782 object type: work_struct hint: doe_statemachine_work+0x0/0x510 WARNING: CPU: 1 PID: 71 at lib/debugobjects.c:514 debug_print_object+0x7d/0xb0 ... Workqueue: pci 0000:36:00.0 DOE [1 doe_statemachine_work RIP: 0010:debug_print_object+0x7d/0xb0 ... Call Trace: ? debug_print_object+0x7... • https://git.kernel.org/stable/c/2a0e0f4773fe8032fb17e56f897bee32ce3cdc2b •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54234 – scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
https://notcve.org/view.php?id=CVE-2023-54234
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization Commit c1af985d27da ("scsi: mpi3mr: Add Event acknowledgment logic") introduced an array mrioc->evtack_cmds but initialization of the array elements was missed. They are just zero cleared. The function mpi3mr_complete_evt_ack() refers host_tag field of the elements. Due to the zero value of the host_tag field, the function calls clear_bit() for mrico->evtack_cmds_bitmap with wrong ... • https://git.kernel.org/stable/c/c1af985d27da2d530c22604644e9025810f57d7c •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54233 – ASoC: SOF: avoid a NULL dereference with unsupported widgets
https://notcve.org/view.php?id=CVE-2023-54233
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .module_info field won't be set, then sof_ipc4_route_setup() will cause a kernel Oops trying to dereference it. Add a check for such cases. • https://git.kernel.org/stable/c/3acd527089463742a3dd95e274d53c2fdd834716 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54232 – m68k: Only force 030 bus error if PC not in exception table
https://notcve.org/view.php?id=CVE-2023-54232
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table __get_kernel_nofault() does copy data in supervisor mode when forcing a task backtrace log through /proc/sysrq_trigger. This is expected cause a bus error exception on e.g. NULL pointer dereferencing when logging a kernel task has no workqueue associated. This bus error ought to be ignored. Our 030 bus error handler is ill equipped to deal with this: Whenever ssw indicates a kernel... • https://git.kernel.org/stable/c/f2325ecebc5b7988fd49968bd3a660fd1594dc84 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54231 – net: libwx: fix memory leak in wx_setup_rx_resources
https://notcve.org/view.php?id=CVE-2023-54231
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix memory leak in wx_setup_rx_resources When wx_alloc_page_pool() failed in wx_setup_rx_resources(), it doesn't release DMA buffer. Add dma_free_coherent() in the error path to release the DMA buffer. • https://git.kernel.org/stable/c/850b971110b20cbcc2367516fefe78e84fec7d79 •