CVSS: 7.1EPSS: %CPEs: 4EXPL: 0CVE-2023-53038 – scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
https://notcve.org/view.php?id=CVE-2023-53038
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() If kzalloc() fails in lpfc_sli4_cgn_params_read(), then we rely on lpfc_read_object()'s routine to NULL check pdata. Currently, an early return error is thrown from lpfc_read_object() to protect us from NULL ptr dereference, but the errno code is -ENODEV. Change the errno code to a more appropriate -ENOMEM. In the Linux kernel, the following vulnerability has been resolved: scsi: lp... • https://git.kernel.org/stable/c/67b8343998b84418bc5b5206aa01fe9b461a80ef •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53037 – scsi: mpi3mr: Bad drive in topology results kernel crash
https://notcve.org/view.php?id=CVE-2023-53037
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an internal HBA port data structure. However, in some places, the reference to the freed memory is not cleared. When the firmware sends the Device Info change event for the same device again, the freed memory is accessed and ... • https://git.kernel.org/stable/c/1f822ae8fb2a20fffa71e9bfa9b203c03d72d3ba •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53036 – drm/amdgpu: Fix call trace warning and hang when removing amdgpu device
https://notcve.org/view.php?id=CVE-2023-53036
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the check to prevent memory wipe in shutdown stage. [ +0.000000] RIP: 0010:amdgpu_vram_mgr_fini+0x18d/0x1c0 [amdgpu] [ +0.000001] PKRU: 55555554 [ +0.000001] Call Trace: [ +0.000001]
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53035 – nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
https://notcve.org/view.php?id=CVE-2023-53035
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() The ioctl helper function nilfs_ioctl_wrap_copy(), which exchanges a metadata array to/from user space, may copy uninitialized buffer regions to user space memory for read-only ioctl commands NILFS_IOCTL_GET_SUINFO and NILFS_IOCTL_GET_CPINFO. This can occur when the element size of the user space metadata given by the v_size member of the argument nilfs_argv structure is larger than the... • https://git.kernel.org/stable/c/a94932381e8dae4117e9129b3c1282e18aa97b05 •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2022-49933 – KVM: VMX: Reset eVMCS controls in VP assist page during hardware disabling
https://notcve.org/view.php?id=CVE-2022-49933
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Reset eVMCS controls in VP assist page during hardware disabling Reset the eVMCS controls in the per-CPU VP assist page during hardware disabling instead of waiting until kvm-intel's module exit. The controls are activated if and only if KVM creates a VM, i.e. don't need to be reset if hardware is never enabled. Doing the reset during hardware disabling will naturally fix a potential NULL pointer deref bug once KVM disables CPU ho... • https://git.kernel.org/stable/c/afb26bfc01db6ef4728e96314f08431934ffe833 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2022-49932 – KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace
https://notcve.org/view.php?id=CVE-2022-49932
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace Call kvm_init() only after _all_ setup is complete, as kvm_init() exposes /dev/kvm to userspace and thus allows userspace to create VMs (and call other ioctls). E.g. KVM will encounter a NULL pointer when attempting to add a vCPU to the per-CPU loaded_vmcss_on_cpu list if userspace is able to create a VM before vmx_init() configures said list. BUG: kernel NULL pointer d... • https://git.kernel.org/stable/c/e136e969d268b9b89329c816c002e53f60e82985 •
CVSS: 9.8EPSS: %CPEs: 6EXPL: 0CVE-2025-37798 – codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
https://notcve.org/view.php?id=CVE-2025-37798
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the check of qlen!=0 from both fq_codel_dequeue() and codel_qdisc_dequeue(). In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbacks idempotent, now it is safe to remove the c... • https://git.kernel.org/stable/c/76e3cc126bb223013a6b9a0e2a51238d1ef2e409 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49927 – nfs4: Fix kmemleak when allocate slot failed
https://notcve.org/view.php?id=CVE-2022-49927
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100 (size 64): comm ""mount.nfs"", pid 679, jiffies 4294744957 (age 115.037s) hex dump (first 32 bytes): 00 cc 19 73 81 88 ff ff 00 a0 5a 11 81 88 ff ff ...s......Z..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backt... • https://git.kernel.org/stable/c/abf79bb341bf52f75f295b850abdf5f78f584311 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-49926 – net: dsa: Fix possible memory leaks in dsa_loop_init()
https://notcve.org/view.php?id=CVE-2022-49926
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsa_loop_init() kmemleak reported memory leaks in dsa_loop_init(): kmemleak: 12 new suspected memory leaks unreferenced object 0xffff8880138ce000 (size 2048): comm "modprobe", pid 390, jiffies 4295040478 (age 238.976s) backtrace: [<000000006a94f1d5>] kmalloc_trace+0x26/0x60 [<00000000a9c44622>] phy_device_create+0x5d/0x970 [<00000000d0ee2afc>] get_phy_device+0xf3/0x2b0 [<00000000dca0c71f>] __fixed_phy_... • https://git.kernel.org/stable/c/98cd1552ea27e512c7e99e2aa76042a26e4fb25c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49925 – RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
https://notcve.org/view.php?id=CVE-2022-49925
01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f] CPU: 1 PID: 379 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:destroy_workqueue+0x2f/0x740 RSP: 0018:ffff888016137df8 EFLAGS: 00000202 ... Call Trace: ib_core_cleanup+0xa/0xa1 [ib_core] __do_sys_delete_module.constprop.0+0x34f/0x5b0 do_syscall_64+0x3a/0x90 entry_SY... • https://git.kernel.org/stable/c/03db3a2d81e6e84f3ed3cb9e087cae17d762642b •