CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53744 – soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
https://notcve.org/view.php?id=CVE-2023-53744
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths. In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths. • https://git.kernel.org/stable/c/5a99ae0092fe24fd581fdb6b9c2b48f94f92cf32 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53742 – kcsan: Avoid READ_ONCE() in read_instrumented_memory()
https://notcve.org/view.php?id=CVE-2023-53742
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: kcsan: Avoid READ_ONCE() in read_instrumented_memory() Haibo Li reported: | Unable to handle kernel paging request at virtual address | ffffff802a0d8d7171 | Mem abort info:o: | ESR = 0x9600002121 | EC = 0x25: DABT (current EL), IL = 32 bitsts | SET = 0, FnV = 0 0 | EA = 0, S1PTW = 0 0 | FSC = 0x21: alignment fault | Data abort info:o: | ISV = 0, ISS = 0x0000002121 | CM = 0, WnR = 0 0 | swapper pgtable: 4k pages, 39-bit VAs, pgdp=00000000283... • https://git.kernel.org/stable/c/706ae665747b629bcf87a2d7e6438602f904b8d5 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50630 – mm: hugetlb: fix UAF in hugetlb_handle_userfault
https://notcve.org/view.php?id=CVE-2022-50630
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and reacquire them again after handle_userfault(), but reacquire the vma_lock could lead to UAF[1,2] due to the following race, hugetlb_fault hugetlb_no_page /*unlock vma_lock */ hugetlb_handle_userfault handle_userfault /* unlock mm->mmap_lock*/ vm_mmap_pgoff do_mmap mmap_region munmap_vma_range /* clean old vma */ /*... • https://git.kernel.org/stable/c/1a1aad8a9b7bd34f60cdf98cd7915f00ae892c45 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50629 – wifi: rsi: Fix memory leak in rsi_coex_attach()
https://notcve.org/view.php?id=CVE-2022-50629
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach(). In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach(). • https://git.kernel.org/stable/c/2108df3c4b1856588ca2e7f641900c2bbf38467e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50627 – wifi: ath11k: fix monitor mode bringup crash
https://notcve.org/view.php?id=CVE-2022-50627
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereference crash. This crash happens when the packet type is extracted for a SKB. This extraction which is present in the received msdu delivery path,is not needed for the monitor ring packets since they are all RAW packets. Hence appending the flags with "RX_FLAG_ONLY_MONITOR" to skip that extraction. Observed calltrace:... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50626 – media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
https://notcve.org/view.php?id=CVE-2022-50626
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is due to not accounting for and freeing current iteration's adapter->priv in case of an error. Currently if an error occurs, it will exit before incrementing "num_adapters_initalized", which is used as a reference counter to free all adap->priv in "dvb_usb_adapter_exit()". There are multiple error paths that can exit... • https://git.kernel.org/stable/c/4d43e13f723e12734257277cc38497fab1efc605 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50625 – serial: amba-pl011: avoid SBSA UART accessing DMACR register
https://notcve.org/view.php?id=CVE-2022-50625
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1] documentation describes a generic UART interface. Such generic UART does not support DMA. In current code, sbsa_uart_pops and amba_pl011_pops share the same stop_rx operation, which will invoke pl011_dma_rx_stop, leading to an access of the DMACR register. This commit adds a using_rx_dma check in pl011_dma_rx_st... • https://git.kernel.org/stable/c/0dd1e247fd39aed20fd2baacc62ca44d82534798 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50624 – net: netsec: fix error handling in netsec_register_mdio()
https://notcve.org/view.php?id=CVE-2022-50624
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsec_register_mdio() If phy_device_register() fails, phy_device_free() need be called to put refcount, so memory of phy device and device name can be freed in callback function. If get_phy_device() fails, mdiobus_unregister() need be called, or it will cause warning in mdiobus_free() and kobject is leaked. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling... • https://git.kernel.org/stable/c/533dd11a12f698c571a12271b20f235792d3e148 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50623 – fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
https://notcve.org/view.php?id=CVE-2022-50623
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size() to fix that. In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_... • https://git.kernel.org/stable/c/322b598be4d9b9090cda560c4caab78704615ab4 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50622 – ext4: fix potential memory leak in ext4_fc_record_modified_inode()
https://notcve.org/view.php?id=CVE-2022-50622
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc, but 'state->fc_modified_inodes' already set NULL. Then will lead to 'state->fc_modified_inodes' memory leak. In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in t... • https://git.kernel.org/stable/c/8016e29f4362e285f0f7e38fadc61a5b7bdfdfa2 •