CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54081 – xen: speed up grant-table reclaim
https://notcve.org/view.php?id=CVE-2023-54081
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to unmap the grant first. However, Qubes OS's GUI protocol is subject to the constraints of the X Window System, and as such winds up with the frontend unmapping the window first. As a result, the list can grow very la... • https://git.kernel.org/stable/c/cd1a8952ff529adc210e62306849fd6f256608c0 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54079 – power: supply: bq27xxx: Fix poll_interval handling and races on remove
https://notcve.org/view.php?id=CVE-2023-54079
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work item. There are 2 problems with this: 1. If the driver is unbound through sysfs, rather then the module being rmmod-ed, this changes poll_interval unexpectedly 2. This is racy, after it being set poll_interval could be changed before bq2... • https://git.kernel.org/stable/c/8cfaaa811894a3ae2d7360a15a6cfccff3ebc7db •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50782 – ext4: fix bug_on in __es_tree_search caused by bad quota inode
https://notcve.org/view.php?id=CVE-2022-50782
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 1 PID: 810 Comm: mount Not tainted 6.1.0-rc1-next-g9631525255e3 #352 RIP: 0010:__es_tree_search.isra.0+0xb8/0xe0 RSP: 0018:ffffc90001227900 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000000077512a0f ... • https://git.kernel.org/stable/c/fb1d3b4107b4837b4a0dbbf01954269bd6acfdc3 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50780 – net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
https://notcve.org/view.php?id=CVE-2022-50780
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net, but ops->init() fails, data is released. However, the ptr pointer in net->gen is invalid. In this case, when nfqnl_nf_hook_drop() is invoked to release the net, invalid address access occurs. The process is as follows: setup_net() ops_init() data = kzalloc(...) ---> alloc "data" net_assign_generic() ---> assign "... • https://git.kernel.org/stable/c/f875bae065334907796da12523f9df85c89f5712 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50779 – orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
https://notcve.org/view.php?id=CVE-2022-50779
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): comm "insmod", pid 1701, jiffies 4294893639 (age 13218.530s) hex dump (first 32 bytes): 43 6c 69 65 6e 74 20 44 65 62 75 67 20 4b 65 79 Client Debug Key 77 6f 72 64 73 20 61 72 65 20 75 6e 6b 6e 6f 77 words are unknow backtrace: [<0000000004e6f... • https://git.kernel.org/stable/c/44d3eac26a5e5268d11cc342dc202b0d31505c0a •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50778 – fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
https://notcve.org/view.php?id=CVE-2022-50778
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's (CTS) android.hardware.input.cts.tests. This is stemming from a strlen() call in hidinput_allocate(). __compiletime_strlen() is implemented in terms of __builtin_object_size(), then does an array access to check for NUL-termination. A quirk o... • https://git.kernel.org/stable/c/ed42391164e6839a48aaf4c53eefda516835e799 •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2022-50777 – net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe
https://notcve.org/view.php?id=CVE-2022-50777
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. • https://git.kernel.org/stable/c/3f7056e1822d648f8022997497edc6cad2ad1e73 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50776 – clk: st: Fix memory leak in st_of_quadfs_setup()
https://notcve.org/view.php?id=CVE-2022-50776
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it. In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it. • https://git.kernel.org/stable/c/081538ae5817631a2b99e8e75cce981060aab29f •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50774 – crypto: qat - fix DMA transfer direction
https://notcve.org/view.php?id=CVE-2022-50774
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIG_DMA_API_DEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function add_dma_entry() reports a warning similar to the one below, saying that overlapping mappings are not supported. This occurs in tests where the input and the output scatter list point to the same buffers (i.e. two different scatter lists which point to the same chunks of memory). The lo... • https://git.kernel.org/stable/c/d370cec3219490656d72f5ae6e5df32c113c5a44 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50773 – ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
https://notcve.org/view.php?id=CVE-2022-50773
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIG_PARPORT=m, CONFIG_PARPORT_PC=m, CONFIG_SND_MTS64=m Then making test scripts: cat>test_mod1.sh<