CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54255 – sh: dma: Fix DMA channel offset calculation
https://notcve.org/view.php?id=CVE-2023-54255
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: sh: dma: Fix DMA channel offset calculation Various SoCs of the SH3, SH4 and SH4A family, which use this driver, feature a differing number of DMA channels, which can be distributed between up to two DMAC modules. The existing implementation fails to correctly accommodate for all those variations, resulting in wrong channel offset calculations and leading to kernel panics. Rewrite dma_base_addr() in order to properly calculate channel offse... • https://git.kernel.org/stable/c/7f47c7189b3e8f19a589f77a3ad169d7b691b582 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54253 – btrfs: set page extent mapped after read_folio in relocate_one_page
https://notcve.org/view.php?id=CVE-2023-54253
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page One of the CI runs triggered the following panic assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229 ------------[ cut here ]------------ kernel BUG at fs/btrfs/subpage.c:229! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP CPU: 0 PID: 923660 Comm: btrfs Not tainted 6.5.0-rc3+ #1 pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=-... • https://git.kernel.org/stable/c/08daa38ca212d87f77beae839bc9be71079c7abf •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54250 – ksmbd: avoid out of bounds access in decode_preauth_ctxt()
https://notcve.org/view.php?id=CVE-2023-54250
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decode_preauth_ctxt() Confirm that the accessed pneg_ctxt->HashAlgorithms address sits within the SMB request boundary; deassemble_neg_contexts() only checks that the eight byte smb2_neg_context header + (client controlled) DataLength are within the packet boundary, which is insufficient. Checking for sizeof(struct smb2_preauth_neg_context) is overkill given that the type currently assumes SMB311_SALT_SI... • https://git.kernel.org/stable/c/39f5b4b313b445c980a2a295bed28228c29228ed •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54247 – bpf: Silence a warning in btf_type_id_size()
https://notcve.org/view.php?id=CVE-2023-54247
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btf_type_id_size() syzbot reported a warning in [1] with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btf_type_id_size+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... RIP: 0010:btf_type_id_size+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... Call Trace:
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54246 – rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()
https://notcve.org/view.php?id=CVE-2023-54246
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeout will trigger when the timeout specified by rcuscale.holdoff is greater than hung_task_timeout_secs: runqemu kvm nographic slirp qemuparams="-smp 4 -m 2048M" bootparams="rcuscale.shutdown=0 rcuscale.holdoff=300" [ 247.071753] INFO: ta... • https://git.kernel.org/stable/c/55887adc76e19aec9763186e2c1d0a3481d20e96 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54245 – ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
https://notcve.org/view.php?id=CVE-2023-54245
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue: dump_backtrace+0x0/0x4c8 show_stack+0x34/0x44 dump_stack_lvl+0xd8/0x118 print_address_description+0x30/0x2d8 kasan_report+0x158/0x198 __asan_report_load4_noabort+0x44/0x50 regcache_flat_read+0x10c/0x110 regcache_read+0xf4/0x180 _regmap_read+0xc4... • https://git.kernel.org/stable/c/da35a4e6eee5d73886312e85322a6e97df901987 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54244 – ACPI: EC: Fix oops when removing custom query handlers
https://notcve.org/view.php?id=CVE-2023-54244
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was already unloaded. Fix this by flushing the EC query workqueue when removing custom query handlers. Tested on a Acer Travelmate 4002WLMi • https://git.kernel.org/stable/c/130e3eac51912f2c866e7d035992ede25f8feac0 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50872 – ARM: OMAP2+: Fix memory leak in realtime_counter_init()
https://notcve.org/view.php?id=CVE-2022-50872
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return. • https://git.kernel.org/stable/c/fa6d79d27614223d82418023b7f5300f1a1530d3 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50870 – powerpc/rtas: avoid device tree lookups in rtas_os_term()
https://notcve.org/view.php?id=CVE-2022-50870
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ state changes. If the kernel panics while devtree_lock is held, rtas_os_term() as currently written could hang. Instead of discovering the relevant characteristics at panic time, cache them in file-static vari... • https://git.kernel.org/stable/c/088186ded490ced80758200cf8f906ed741df306 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50868 – hwrng: amd - Fix PCI device refcount leak
https://notcve.org/view.php?id=CVE-2022-50868
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the reference count for the input pci_dev @from if it is not NULL. If we break for_each_pci_dev() loop with pdev not NULL, we need to call pci_dev_put() to decrease the reference count. Add the missing pci_dev_put() for the n... • https://git.kernel.org/stable/c/96d63c0297ccfd6d9059c614b3f5555d9441a2b3 •