CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54064 – ipmi:ssif: Fix a memory leak when scanning for an adapter
https://notcve.org/view.php?id=CVE-2023-54064
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function can be called more than once, and it will leak the adapter name if it had already been set. So check for NULL before setting it. In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanni... • https://git.kernel.org/stable/c/c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54063 – fs/ntfs3: Fix OOB read in indx_insert_into_buffer
https://notcve.org/view.php?id=CVE-2023-54063
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix OOB read in indx_insert_into_buffer Syzbot reported a OOB read bug: BUG: KASAN: slab-out-of-bounds in indx_insert_into_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755 Read of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630 Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54062 – ext4: fix invalid free tracking in ext4_xattr_move_to_block()
https://notcve.org/view.php?id=CVE-2023-54062
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4_xattr_move_to_block() In ext4_xattr_move_to_block(), the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc() if the value is stored in an external inode. So at the end of the function the code tried to check if this was the case by testing entry->e_value_inum. However, at this point, the pointer to the xattr entry is no longer valid, because it was... • https://git.kernel.org/stable/c/c7851208abffe5ae4deb01cf48763911dc14fc67 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54058 – firmware: arm_ffa: Check if ffa_driver remove is present before executing
https://notcve.org/view.php?id=CVE-2023-54058
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Check if ffa_driver remove is present before executing Currently ffa_drv->remove() is called unconditionally from ffa_device_remove(). Since the driver registration doesn't check for it and allows it to be registered without .remove callback, we need to check for the presence of it before executing it from ffa_device_remove() to above a NULL pointer dereference like the one below: | Unable to handle kernel NULL pointer de... • https://git.kernel.org/stable/c/244f5d597e1ea519c2085fbd9819458688775e42 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54057 – iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter
https://notcve.org/view.php?id=CVE-2023-54057
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter The 'acpiid' buffer in the parse_ivrs_acpihid function may overflow, because the string specifier in the format string sscanf() has no width limitation. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE. In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrs_acpihid ... • https://git.kernel.org/stable/c/ca3bf5d47cec8b7614bcb2e9132c40081d6d81db •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54056 – kheaders: Use array declaration instead of char
https://notcve.org/view.php?id=CVE-2023-54056
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination and source buffers. Defining kernel_headers_data as "char" would trip this check. Since these addresses are treated as byte arrays, define them as arrays (as done everywhere else). This was seen with: $ cat /sys/kernel/kheaders.tar.xz >> /dev/null detected buffer overflow in memcpy kernel BUG at lib/string_helpers.c:1027!... • https://git.kernel.org/stable/c/43d8ce9d65a54846d378545770991e65838981e0 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54055 – RDMA/irdma: Fix memory leak of PBLE objects
https://notcve.org/view.php?id=CVE-2023-54055
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC objects. PBLEs objects and the Segment Descriptors (SD) for it can be dynamically allocated during scale up and SD's remain allocated till function deinitialization. Fix this leak by adding IRDMA_HMC_IW_PBLE to the iw_hmc_obj_types[] tab... • https://git.kernel.org/stable/c/44d9e52977a1b90b0db1c7f8b197c218e9226520 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54053 – wifi: iwlwifi: pcie: fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-54053
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwl_pci_probe() will fail and free the trans, then afterwards iwl_pci_remove() will be called and crash by trying to access trans which is already freed, fix it. iwlwifi 0000:01:00.0: Detected crf-id 0xa5a5a5a2, cnv-id 0xa5a5a5a2 wfpm id 0xa5a5a5a2 iwlwifi 0000:01:00.0: Can't find a correct rfid for crf id 0x5a2 ... BUG: kernel NULL pointer dereference, address: ... • https://git.kernel.org/stable/c/809805a820c6445f7a701ded24fdc6bbc841d1e4 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-54052 – wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU
https://notcve.org/view.php?id=CVE-2023-54052
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the problem can be recovered by txs timeout handling, mt7921 still need to disable txs in AMSDU to avoid this issue. In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs... • https://git.kernel.org/stable/c/163f4d22c118d4eb9e275bf9ee1577c0d14b3208 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54051 – net: do not allow gso_size to be set to GSO_BY_FRAGS
https://notcve.org/view.php?id=CVE-2023-54051
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because this magic value is used by the kernel. [1] general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077] CPU: 0 PID: 50... • https://git.kernel.org/stable/c/3953c46c3ac7eef31a9935427371c6f54a22f1ba •