CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50835 – jbd2: add miss release buffer head in fc_do_one_pass()
https://notcve.org/view.php?id=CVE-2022-50835
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fc_do_one_pass() In fc_do_one_pass() miss release buffer head after use which will lead to reference count leak. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/5b849b5f96b47d82b5a432d8b91a8ad260e1de46 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50834 – nfc: Fix potential resource leaks
https://notcve.org/view.php?id=CVE-2022-50834
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of ENOTSUPP. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/5ce3f32b5264b337bfd13a780452a17705307725 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50833 – Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works
https://notcve.org/view.php?id=CVE-2022-50833
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works syzbot is reporting attempt to schedule hdev->cmd_work work from system_wq WQ into hdev->workqueue WQ which is under draining operation [1], for commit c8efcc2589464ac7 ("workqueue: allow chained queueing during destruction") does not allow such operation. The check introduced by commit 877afadad2dce8aa ("Bluetooth: When HCI work queue is drained, only queue chained wo... • https://git.kernel.org/stable/c/3b382555706558f5c0587862b6dc03e96a252bba •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50832 – wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
https://notcve.org/view.php?id=CVE-2022-50832
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add dev_kfree_skb() to fix it. Compile tested only. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/c5c77ba18ea66aa05441c71e38473efb787705a4 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50830 – auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()
https://notcve.org/view.php?id=CVE-2022-50830
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() hd44780_probe() allocates a memory chunk for hd with kzalloc() and makes "lcd->drvdata->hd44780" point to it. When we call hd44780_remove(), we should release all relevant memory and resource. But "lcd->drvdata ->hd44780" is not released, which will lead to a memory leak. We should release the "lcd->drvdata->hd44780" in hd44780_remove() to fix the memory leak bug. The SUSE L... • https://git.kernel.org/stable/c/718e05ed92ecac0d9d3954bcc8064527c3ce7565 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50829 – wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
https://notcve.org/view.php?id=CVE-2022-50829
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free bug. Moreover, if alloc_skb() fails, urb->context becomes NULL but rx_buf is not freed and there can be a memory leak. The patch removes unnecessary nskb and makes skb processing more clear: it is supposed that ath9k_htc_rx_msg() eithe... • https://git.kernel.org/stable/c/3deff76095c4ac4252e27c537db3041f619c23a2 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50828 – clk: zynqmp: Fix stack-out-of-bounds in strncpy`
https://notcve.org/view.php?id=CVE-2022-50828
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy` "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string terminated NULL character will not be received by Linux. Add explicit NULL character at last byte to fix issues when clock name is longer. This fixes below bug reported by KASAN: ========================================================... • https://git.kernel.org/stable/c/5852b1365df4414523210e444ac7df1dec09acb4 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54203 – ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
https://notcve.org/view.php?id=CVE-2023-54203
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr When smb1 mount fails, KASAN detect slab-out-of-bounds in init_smb2_rsp_hdr like the following one. For smb1 negotiate(56bytes) , init_smb2_rsp_hdr() for smb2 is called. The issue occurs while handling smb1 negotiate as smb2 server operations. Add smb server operations for smb1 (get_cmd_val, init_rsp_hdr, allocate_rsp_buf, check_user_session) to handle smb1 negotiate so that smb2 server ope... • https://git.kernel.org/stable/c/51a8534c0f35c0401e45f1055f914729cad98bf9 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54202 – drm/i915: fix race condition UAF in i915_perf_add_config_ioctl
https://notcve.org/view.php?id=CVE-2023-54202
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can guess the id value and try to race oa_config object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking the metrics_lock. For that reason, unlocking the metrics_lock must be done after we are done dereferencing the object. [tursulin: Manually added stable tag.] (cherry picked from commit 49f6f6483b652108bcb73accd0... • https://git.kernel.org/stable/c/f89823c212246d0671cc51e69894a3df1a743aee •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54201 – RDMA/efa: Fix wrong resources deallocation order
https://notcve.org/view.php?id=CVE-2023-54201
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If the device fails, the object isn't fully destroyed so the user/IB core can try to destroy the object again which will lead to underflow when trying to decrease an already zeroed refcount. Deallocate resources in reve... • https://git.kernel.org/stable/c/ff6629f88c529b07d9704c656c64dae76910e3e9 •