CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54005 – binder: fix memory leak in binder_init()
https://notcve.org/view.php?id=CVE-2023-54005
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: binder: fix memory leak in binder_init() In binder_init(), the destruction of binder_alloc_shrinker_init() is not performed in the wrong path, which will cause memory leaks. So this commit introduces binder_alloc_shrinker_exit() and calls it in the wrong path to fix that. • https://git.kernel.org/stable/c/f2517eb76f1f2f7f89761f9db2b202e89931738c •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54004 – udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
https://notcve.org/view.php?id=CVE-2023-54004
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). syzbot reported [0] a null-ptr-deref in sk_get_rmem0() while using IPPROTO_UDPLITE (0x88): 14:25:52 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x88) We had a similar report [1] for probably sk_memory_allocated_add() in __sk_mem_raise_allocated(), and commit c915fe13cbaa ("udplite: fix NULL pointer dereference") fixed it by setting .memory_allocated for udplite_pr... • https://git.kernel.org/stable/c/850cbaddb52dfd4e0c7cabe2c168dd34b44ae0b9 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54003 – RDMA/core: Fix GID entry ref leak when create_ah fails
https://notcve.org/view.php?id=CVE-2023-54003
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrence leak reported while releasing GID table • https://git.kernel.org/stable/c/1a1f460ff151710289c2f8d4badd8b603b87d610 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54002 – btrfs: fix assertion of exclop condition when starting balance
https://notcve.org/view.php?id=CVE-2023-54002
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion of exclop condition when starting balance Balance as exclusive state is compatible with paused balance and device add, which makes some things more complicated. The assertion of valid states when starting from paused balance needs to take into account two more states, the combinations can be hit when there are several threads racing to start balance and device add. This won't typically happen when the commands are start... • https://git.kernel.org/stable/c/a174c0a2e857081195db6888323802f0fae793ef •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54001 – staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
https://notcve.org/view.php?id=CVE-2023-54001
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in _r8712_init_xmit_priv() In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit 2865d42c78a9 ("staging: r8712u: Add the new driver to the mainline kernel"). A potential memory leak in r8712_xmit_resource_alloc() is also addressed. • https://git.kernel.org/stable/c/2865d42c78a9121caad52cb02d1fbb7f5cdbc4ef •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-54000 – net: hns3: fix deadlock issue when externel_lb and reset are executed together
https://notcve.org/view.php?id=CVE-2023-54000
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externel_lb and reset are executed together When externel_lb and reset are executed together, a deadlock may occur: [ 3147.217009] INFO: task kworker/u321:0:7 blocked for more than 120 seconds. [ 3147.230483] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 3147.238999] task:kworker/u321:0 state:D stack: 0 pid: 7 ppid: 2 flags:0x00000008 [ 3147.248045] Workqueue: hclge hclge_serv... • https://git.kernel.org/stable/c/04b6ba143521f4485b7f2c36c655b262a79dae97 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53999 – net/mlx5e: TC, Fix internal port memory leak
https://notcve.org/view.php?id=CVE-2023-53999
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act table. It's possible to trigger memleak when the rule forwards packets from internal port and over tunnel, in the case that, for example, CT 'new' state offload is allowed. As int_port object is assigned to the flow attribute of post_act rule, and its refcnt is incremented by mlx5e_tc_int_port_get(), but mlx5e_tc_int... • https://git.kernel.org/stable/c/8300f225268be9ee2c0daf5a3f23929fcdcbf213 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53998 – hwrng: virtio - Fix race on data_avail and actual data
https://notcve.org/view.php?id=CVE-2023-53998
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on data_avail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the result of that request is only needed by the next reader, then there is a race between the writing of the new data and the next reader. This is because there is no synchronisation whatsoever between the writer and the... • https://git.kernel.org/stable/c/f7f510ec195781c857ab76366a3e1c59e1caae42 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53996 – x86/sev: Make enc_dec_hypercall() accept a size instead of npages
https://notcve.org/view.php?id=CVE-2023-53996
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make enc_dec_hypercall() accept a size instead of npages enc_dec_hypercall() accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marked as decrypted via the encryption status hypercall, which in turn caused consistent corruption of pages during live migration. Live migration requires accurate encryption status information to avoid migratin... • https://git.kernel.org/stable/c/064ce6c550a0630789978bfec7a13ab2bd1bdcdf •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53995 – net: ipv4: fix one memleak in __inet_del_ifa()
https://notcve.org/view.php?id=CVE-2023-53995
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0 type bond sysctl -w net.ipv4.conf.bond0.promote_secondaries=1 ip addr add 4.117.174.103/0 scope 0x40 dev bond0 ip addr add 192.168.100.111/255.255.255.254 scope 0 dev bond0 ip addr add 0.0.0.4/0 scope 0x40 secondary dev bond0 ip addr de... • https://git.kernel.org/stable/c/0ff60a45678e67b2547256a636fd00c1667ce4fa •