CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54079 – power: supply: bq27xxx: Fix poll_interval handling and races on remove
https://notcve.org/view.php?id=CVE-2023-54079
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work item. There are 2 problems with this: 1. If the driver is unbound through sysfs, rather then the module being rmmod-ed, this changes poll_interval unexpectedly 2. This is racy, after it being set poll_interval could be changed before bq2... • https://git.kernel.org/stable/c/8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54078 – media: max9286: Free control handler
https://notcve.org/view.php?id=CVE-2023-54078
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is leaked in some probe-time error paths, as well as in the remove path. Fix it. In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is leaked in some probe-time error paths, as well as in the remove path. Fix it. • https://git.kernel.org/stable/c/66d8c9d2422da21ed41f75c03ba0685987b65fe0 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50783 – mptcp: use proper req destructor for IPv6
https://notcve.org/view.php?id=CVE-2022-50783
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv6 features, e.g. when the request socks contain specific IPv6 options. In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from T... • https://git.kernel.org/stable/c/79c0949e9a09f6a14a6dd18dc8396029423f9b68 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50782 – ext4: fix bug_on in __es_tree_search caused by bad quota inode
https://notcve.org/view.php?id=CVE-2022-50782
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 1 PID: 810 Comm: mount Not tainted 6.1.0-rc1-next-g9631525255e3 #352 RIP: 0010:__es_tree_search.isra.0+0xb8/0xe0 RSP: 0018:ffffc90001227900 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000000077512a0f ... • https://git.kernel.org/stable/c/393d1d1d76933886d5e1ce603214c9987589c6d5 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50781 – amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
https://notcve.org/view.php?id=CVE-2022-50781
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from the user via sysfs. In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index... • https://git.kernel.org/stable/c/d5bf26539494d16dfabbbea0854a47d202ea15c0 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50780 – net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
https://notcve.org/view.php?id=CVE-2022-50780
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net, but ops->init() fails, data is released. However, the ptr pointer in net->gen is invalid. In this case, when nfqnl_nf_hook_drop() is invoked to release the net, invalid address access occurs. The process is as follows: setup_net() ops_init() data = kzalloc(...) ---> alloc "data" net_assign_generic() ---> assign "... • https://git.kernel.org/stable/c/f875bae065334907796da12523f9df85c89f5712 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50779 – orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
https://notcve.org/view.php?id=CVE-2022-50779
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): comm "insmod", pid 1701, jiffies 4294893639 (age 13218.530s) hex dump (first 32 bytes): 43 6c 69 65 6e 74 20 44 65 62 75 67 20 4b 65 79 Client Debug Key 77 6f 72 64 73 20 61 72 65 20 75 6e 6b 6e 6f 77 words are unknow backtrace: [<0000000004e6f... • https://git.kernel.org/stable/c/dc0336214eb07ee9de2a41dd4c81c744ffa419ac •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50778 – fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
https://notcve.org/view.php?id=CVE-2022-50778
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's (CTS) android.hardware.input.cts.tests. This is stemming from a strlen() call in hidinput_allocate(). __compiletime_strlen() is implemented in terms of __builtin_object_size(), then does an array access to check for NUL-termination. A quirk o... • https://git.kernel.org/stable/c/3009f891bb9f328945ebd5b71e12df7e2467f3dd •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2022-50777 – net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe
https://notcve.org/view.php?id=CVE-2022-50777
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. • https://git.kernel.org/stable/c/3f7056e1822d648f8022997497edc6cad2ad1e73 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50776 – clk: st: Fix memory leak in st_of_quadfs_setup()
https://notcve.org/view.php?id=CVE-2022-50776
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it. In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it. • https://git.kernel.org/stable/c/5f7aa9071e935c8c0e869306c7ef073df6c409f6 •