CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54190 – leds: led-core: Fix refcount leak in of_led_get()
https://notcve.org/view.php?id=CVE-2023-54190
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in of_led_get() class_find_device_by_of_node() calls class_find_device(), it will take the reference, use the put_device() to drop the reference when not need anymore. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/699a8c7c4bd376aee4808e6272188319e900c8af •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54189 – pstore/ram: Add check for kstrdup
https://notcve.org/view.php?id=CVE-2023-54189
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/c617a3b777b92a0e80ceff2dffaae9350d4c3850 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54188 – dmaengine: apple-admac: Fix 'current_tx' not getting freed
https://notcve.org/view.php?id=CVE-2023-54188
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'current_tx' not getting freed In terminate_all we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'submitted' lists, but the 'current_tx' descriptor falls through the cracks as it's removed from the 'issued' list once it gets assigned to be the current descriptor. Explicitly queue up freeing of the 'current_tx' descriptor to address a memory leak that is othe... • https://git.kernel.org/stable/c/b127315d9a78c011c011b88b92f650510edcfbd2 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54187 – f2fs: fix potential corruption when moving a directory
https://notcve.org/view.php?id=CVE-2023-54187
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when moving a directory") • https://git.kernel.org/stable/c/622f28ae9ba4fa89b4ff0f4a6cf75d153ea838ce •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54186 – usb: typec: altmodes/displayport: fix pin_assignment_show
https://notcve.org/view.php?id=CVE-2023-54186
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show when get_current_pin_assignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN: use-after-free in pin_assignment_show+0x26c/0x33c ... Call trace: dump_backtrace+0x110/0x204 dump_stack_lvl+0x84/0xbc print_report+0x358/0x974 kasan_report+0x9c/0xfc __do_kernel_fault+0xd4/0x2d4 do_bad_area+0x48/0x... • https://git.kernel.org/stable/c/0e3bb7d6894d9b6e67d6382bb03a46a1dc989588 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54185 – btrfs: remove BUG_ON()'s in add_new_free_space()
https://notcve.org/view.php?id=CVE-2023-54185
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space cache. Such failures are mostly -ENOMEM that should be very rare. However there's no need to have these BUG_ON()'s, we can just return any error to the caller and all callers and their upper call chain are already dealing with errors. So just make add_new_free... • https://git.kernel.org/stable/c/0f9dd46cda36b8de3b9f48bc42bd09d20b9c3b52 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54184 – scsi: target: iscsit: Free cmds before session free
https://notcve.org/view.php?id=CVE-2023-54184
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain timer expired for SID: 1, cleaning up iSCSI session. BUG: kernel NULL pointer dereference, address: 0000000000000140 RIP: 0010:sbitmap_queue_clear+0x3a/0xa0 Call Trace: target_release_cmd_kref+0xd1/0x1f0 [target_core_mod] transport_ge... • https://git.kernel.org/stable/c/988e3a85463d9b6dabc681df3f8f131b23c19953 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54183 – media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
https://notcve.org/view.php?id=CVE-2023-54183
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op. Release the reference taken from a previous fwnode_graph_get_port_parent() call instead. Also handle fwnode_graph_get_port_parent() failures. In order to fix these issues, add an error handling path to the function and the needed gotos. The SUSE Linux Enterp... • https://git.kernel.org/stable/c/ca50c197bd9610ea984cfc0dc6855f183cbb46f8 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54182 – f2fs: fix to check readonly condition correctly
https://notcve.org/view.php?id=CVE-2023-54182
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2fs_dev_is_readonly(), and check multi-devices rw status in f2fs_remount() w/ it in order to avoid such inconsistent mount status. mkfs.f2fs -c /dev/zram1 /dev/zram0 -f blockdev --setro /dev/zram1 mount -t f2fs dev/zram0 /mnt/f2fs mount... • https://git.kernel.org/stable/c/f824deb54b683165b953371a0529446c723ef6d6 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54181 – bpf: Fix issue in verifying allow_ptr_leaks
https://notcve.org/view.php?id=CVE-2023-54181
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it failed the bpf verifier, and the error log is "R3 pointer comparison prohibited". A simple reproducer as follows, SEC("cls-ingress") int ingress(struct __sk_buff *skb) { struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethh... • https://git.kernel.org/stable/c/2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366 •