CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53451 – scsi: qla2xxx: Fix potential NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-53451
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer. This update provides the initial liv... • https://git.kernel.org/stable/c/a9083016a5314b3aeba6e0d2e814872e72168c08 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53450 – ext4: remove a BUG_ON in ext4_mb_release_group_pa()
https://notcve.org/view.php?id=CVE-2023-53450
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release_group_pa() If a malicious fuzzer overwrites the ext4 superblock while it is mounted such that the s_first_data_block is set to a very large number, the calculation of the block group can underflow, and trigger a BUG_ON check. Change this to be an ext4_warning so that we don't crash the kernel. In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release... • https://git.kernel.org/stable/c/c9de560ded61faa5b754137b7753da252391c55a •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50444 – clk: tegra20: Fix refcount leak in tegra20_clock_init
https://notcve.org/view.php?id=CVE-2022-50444
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use... • https://git.kernel.org/stable/c/37c26a906527b8a6a252614ca83d21ad318c4e84 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50440 – drm/vmwgfx: Validate the box size for the snooped cursor
https://notcve.org/view.php?id=CVE-2022-50440
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox have to be validated against the expected size of the snooped cursor. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace d... • https://git.kernel.org/stable/c/2ac863719e518ae1a8f328849e64ea26a222f079 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50439 – ASoC: mediatek: mt8173: Enable IRQ when pdata is ready
https://notcve.org/view.php?id=CVE-2022-50439
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Enable IRQ when pdata is ready If the device does not come straight from reset, we might receive an IRQ before we are ready to handle it. [ 2.334737] Unable to handle kernel read from unreadable memory at virtual address 00000000000001e4 [ 2.522601] Call trace: [ 2.525040] regmap_read+0x1c/0x80 [ 2.528434] mt8173_afe_irq_handler+0x40/0xf0 ... [ 2.598921] start_kernel+0x338/0x42c In the Linux kernel, the following vul... • https://git.kernel.org/stable/c/ee0bcaff109f36d582df9851f204c9a5eb79c028 •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50437 – drm/msm/hdmi: fix memory corruption with too many bridges
https://notcve.org/view.php?id=CVE-2022-50437
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork: https://patchwork.freedesktop.org/patch/502670/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridg... • https://git.kernel.org/stable/c/a3376e3ec81c5dd0622cbc187db76d2824d31c1c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50434 – blk-mq: fix possible memleak when register 'hctx' failed
https://notcve.org/view.php?id=CVE-2022-50434
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 (size 512): comm "insmod", pid 308021, jiffies 4324277909 (age 509.733s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 f4 a9 32 81 88 ff ff ...........2.... 08 f4 a9 32 81 88 ff ff 00 00 00 00 00 00 00 00 ...2............ backtrace: [<00000000e8952bb4>] kmalloc_node_trace+0x22/0xa0 [<... • https://git.kernel.org/stable/c/67aec14ce87fe25bdfff7dbf468556333df11c4e •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50432 – kernfs: fix use-after-free in __kernfs_remove
https://notcve.org/view.php?id=CVE-2022-50432
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in __kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns() for the same file resulting in a KASAN detected use-after-free. The race occurs when the root node is freed during kernfs_drain(). To prevent this acquire an additional reference for the root of the tree that is removed before calling __kernfs_remove(). Found by syzkaller with the following reproducer (slab_nomerge is re... • https://git.kernel.org/stable/c/45a140e587f3d32d8d424ed940dffb61e1739047 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50431 – ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
https://notcve.org/view.php?id=CVE-2022-50431
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() dev_set_name() in soundbus_add_one() allocates memory for name, it need be freed when of_device_register() fails, call soundbus_dev_put() to give up the reference that hold in device_initialize(), so that it can be freed in kobject_cleanup() when the refcount hit to 0. And other resources are also freed in i2sbus_release_dev(), so it can return 0 directly. In the Linux kernel, ... • https://git.kernel.org/stable/c/f3d9478b2ce468c3115b02ecae7e975990697f15 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50430 – mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
https://notcve.org/view.php?id=CVE-2022-50430
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING vub300_enable_sdio_irq() works with mutex and need TASK_RUNNING here. Ensure that we mark current as TASK_RUNNING for sleepable context. [ 77.554641] do not call blocking ops when !TASK_RUNNING; state=1 set at [