CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54230 – amba: bus: fix refcount leak
https://notcve.org/view.php?id=CVE-2023-54230
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By using of_node_put to avoid refcount leak. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/5de1540b7bc4c23470f86add1e517be41e7fefe2 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54229 – wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range
https://notcve.org/view.php?id=CVE-2023-54229
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: WARNING: CPU: 2 PID: 106 at net/wireless/core.c:907 wiphy_register+0x914/0x954 Modules linked in: ath11k_pci sbsa_gwdt CPU: 2 PID: 106 Comm: kworker/u8:5 Not tainted 6.3.0-rc7-next-20230418-00549-g1e096a17625a-dirty #9 Hardware name: Fre... • https://git.kernel.org/stable/c/22eeadcdeab63e88983401f699f61a0121c03a0d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54227 – blk-mq: fix tags leak when shrink nr_hw_queues
https://notcve.org/view.php?id=CVE-2023-54227
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe null_blk nr_devices=0 submit_queues=8 3. mkdir /mnt/nullb/nullb0 4. echo 1 > /mnt/nullb/nullb0/power 5. echo 4 > /mnt/nullb/nullb0/submit_queues 6. rmdir /mnt/nullb/nullb0 In step 4, will alloc 9 tags (8 subm... • https://git.kernel.org/stable/c/a846a8e6c9a5949582c5a6a8bbc83a7d27fd891e •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54226 – af_unix: Fix data races around sk->sk_shutdown.
https://notcve.org/view.php?id=CVE-2023-54226
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_poll() read it locklessly. We need to annotate the writes and reads with WRITE_ONCE() and READ_ONCE(). BUG: KCSAN: data-race in unix_poll / unix_release_sock write to 0xffff88800d0f8aec of 1 bytes by task 264 on cpu 0: unix_release_sock... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54225 – net: ipa: only reset hashed tables when supported
https://notcve.org/view.php?id=CVE-2023-54225
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently, Google reported seeing transaction reference count underflows occasionally during shutdown. Doug Anderson found a way to reproduce the issue reliably, and bisected the issue to the commit that eliminated the linked l... • https://git.kernel.org/stable/c/d338ae28d8a866c57fcac38f3d77bcc1d1702d19 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54224 – btrfs: fix lockdep splat and potential deadlock after failure running delayed items
https://notcve.org/view.php?id=CVE-2023-54224
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to insert/update/delete the delayed items. However if have an error during the insertions for example, btrfs_insert_delayed_items() may return with a path that has locked extent buffers (a leaf at the very least), and then we attempt to relea... • https://git.kernel.org/stable/c/506650dcb3a716ad98681f7091ba2f8e748c04b8 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54222 – hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
https://notcve.org/view.php?id=CVE-2023-54222
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the > comparison needs to be changed to >= to prevent an out of bounds read. • https://git.kernel.org/stable/c/09574cca6ad649f84ba804caf63a5aefe0202834 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54221 – clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe
https://notcve.org/view.php?id=CVE-2023-54221
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line 295 and line 310. Use devm_kzalloc() instead of kzalloc() to automatically free the memory using devm_kfree() when error occurs. Replace of_iomap() with devm_of_iomap() to automatically handle the unused ioremap region and delete 'ioun... • https://git.kernel.org/stable/c/24defbe194b650218680fcd9dec8cd103537b531 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54220 – serial: 8250: Fix oops for port->pm on uart_change_pm()
https://notcve.org/view.php?id=CVE-2023-54220
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading the driver. This happens on uart_hangup() calling uart_change_pm(). Turns out commit 04e82793f068 ("serial: 8250: Reinit port->pm on port specific driver unbind") was only a partial fix. If the hardware specific driver has initialized... • https://git.kernel.org/stable/c/490bf37eaabb0a857ed1ae8e75d8854e41662f1c •
CVSS: -EPSS: 0%CPEs: 10EXPL: 0CVE-2023-54219 – Revert "IB/isert: Fix incorrect release of isert connection"
https://notcve.org/view.php?id=CVE-2023-54219
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. ------------[ cut here ]------------ WARNING: CPU: 52 PID: 2117247 at drivers/infiniband/core/cq.c:359 ib_cq_pool_cleanup+0xac/0xb0 [ib_core] Modules linked in: nfsd nfs_acl target_core_user uio tcm_fc libfc scsi_transport_fc tcm_loop target_cor... • https://git.kernel.org/stable/c/ccf5a1b28e2b73952e8d23126fa1abc6ff99de55 •