CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54017 – powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
https://notcve.org/view.php?id=CVE-2023-54017
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebus_bus_init() If device_register() returns error in ibmebus_bus_init(), name of kobject which is allocated in dev_set_name() called in device_add() is leaked. As comment of device_add() says, it should call put_device() to drop the reference count that was set in device_initialize() when it fails, so the name can be freed in kobject_cleanup(). • https://git.kernel.org/stable/c/d7a301033f1990188f65abf4fe8e5b90ef0e3888 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54015 – net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
https://notcve.org/view.php?id=CVE-2023-54015
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to use-after-free bugs. Fix it by freeing the priv only in case it was allocated by the running thread. • https://git.kernel.org/stable/c/fadd59fc50d010145f251db583c7ccef37393d19 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54014 – scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
https://notcve.org/view.php?id=CVE-2023-54014
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced. Check valid rport returned by fc_bsg_to_rport(). • https://git.kernel.org/stable/c/75cc8cfc6e13d42d50c2bf4307d0a68c2a70f709 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-54013 – interconnect: Fix locking for runpm vs reclaim
https://notcve.org/view.php?id=CVE-2023-54013
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: interconnect: Fix locking for runpm vs reclaim For cases where icc_bw_set() can be called in callbaths that could deadlock against shrinker/reclaim, such as runpm resume, we need to decouple the icc locking. Introduce a new icc_bw_lock for cases where we need to serialize bw aggregation and update to decouple that from paths that require memory allocation such as node/link creation/ destruction. Fixes this lockdep splat: ===================... • https://git.kernel.org/stable/c/11f1ceca7031deefc1a34236ab7b94360016b71d •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54012 – net: fix stack overflow when LRO is disabled for virtual interfaces
https://notcve.org/view.php?id=CVE-2023-54012
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtual interface's feature is updated, it synchronizes the updated feature for its own lower interface. This propagation logic should be worked as the iteration, not recursively. But it works recursively due to the netdev notification unexpectedly. This problem occurs when it disables LRO only for the team and bonding interface type. team0 | +------+------+-----+-... • https://git.kernel.org/stable/c/fd867d51f889aec11cca235ebb008578780d052d •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54011 – scsi: mpi3mr: Fix an issue found by KASAN
https://notcve.org/view.php?id=CVE-2023-54011
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix an issue found by KASAN Write only correct size (32 instead of 64 bytes). • https://git.kernel.org/stable/c/42fc9fee116fc6a225a1f738adf86689d5c39d49 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54010 – ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
https://notcve.org/view.php?id=CVE-2023-54010
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects ACPICA commit 0d5f467d6a0ba852ea3aad68663cbcbd43300fd4 ACPI_ALLOCATE_ZEROED may fails, object_info might be null and will cause null pointer dereference later. • https://git.kernel.org/stable/c/9957510255724c1c746c9a6264c849e9fdd4cd24 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54009 – i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path
https://notcve.org/view.php?id=CVE-2023-54009
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path The cdns_i2c_master_xfer() function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currently one error path where the function exits directly, which leads to a leak of the runtime PM reference. Make sure that this error path also releases the runtime PM reference. • https://git.kernel.org/stable/c/1a351b10b9671fc2fac767c40a1c4373b9bf5092 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54007 – vmci_host: fix a race condition in vmci_host_poll() causing GPF
https://notcve.org/view.php?id=CVE-2023-54007
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: vmci_host: fix a race condition in vmci_host_poll() causing GPF During fuzzing, a general protection fault is observed in vmci_host_poll(). general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf] RIP: 0010:__lock_acquire+0xf3/0x5e00 kernel/locking/lockdep.c:4926 <- omitting registers -> Call Trace:
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54006 – af_unix: Fix data-race around unix_tot_inflight.
https://notcve.org/view.php?id=CVE-2023-54006
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-race around unix_tot_inflight. unix_tot_inflight is changed under spin_lock(unix_gc_lock), but unix_release_sock() reads it locklessly. Let's use READ_ONCE() for unix_tot_inflight. Note that the writer side was marked by commit 9d6d7f1cb67c ("af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress") BUG: KCSAN: data-race in unix_inflight / unix_release_sock write (marked) to 0xffffffff871852b8 of 4 bytes by... • https://git.kernel.org/stable/c/9305cfa4443dbfb99faf35c5603ec0c0e91b5ef8 •