CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53431 – scsi: ses: Handle enclosure with just a primary component gracefully
https://notcve.org/view.php?id=CVE-2023-53431
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 ("scsi: ses: Don't attach if enclosure has no components") and introduces proper handling of case where there are no detected secondary components, but primary component (enumerated in num_enclosures) does exist. That fix was originally proposed by Ding Hui
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53429 – btrfs: don't check PageError in __extent_writepage
https://notcve.org/view.php?id=CVE-2023-53429
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in __extent_writepage __extent_writepage currenly sets PageError whenever any error happens, and the also checks for PageError to decide if to call error handling. This leads to very unclear responsibility for cleaning up on errors. In the VM and generic writeback helpers the basic idea is that once I/O is fired off all error handling responsibility is delegated to the end I/O handler. But if that end I/O handle... • https://git.kernel.org/stable/c/61391d562229ed94899ed4b4973dc2f0c015292a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53425 – media: platform: mediatek: vpu: fix NULL ptr dereference
https://notcve.org/view.php?id=CVE-2023-53425
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtk_vpu.c:570 vpu_load_firmware() warn: address of NULL pointer 'pdev' This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/3003a180ef6b9462f3cccc2a89884ef2332d2a1c • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50419 – Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
https://notcve.org/view.php?id=CVE-2022-50419
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times device_add shall not be called multiple times as stated in its documentation: 'Do not call this routine or device_register() more than once for any device structure' Syzkaller reports a bug as follows [1]: ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:33! invalid opcode: 0000 [#1] PREEMPT SMP KASAN [...] Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50415 – parisc: led: Fix potential null-ptr-deref in start_task()
https://notcve.org/view.php?id=CVE-2022-50415
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: parisc: led: Fix potential null-ptr-deref in start_task() start_task() calls create_singlethread_workqueue() and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: start_task() create_singlethread_workqueue() # failed, led_wq is NULL queue_delayed_work() queue_delayed_work_on() __queue_delayed_work() # warning here, but continue __queue_work() # access wq->flags, null-ptr-deref Check the ret value and return ... • https://git.kernel.org/stable/c/3499495205a676d85fcc2f3c28e35ec9b43c47e3 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50414 – scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
https://notcve.org/view.php?id=CVE-2022-50414
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails fcoe_init() calls fcoe_transport_attach(&fcoe_sw_transport), but when fcoe_if_init() fails, &fcoe_sw_transport is not detached and leaves freed &fcoe_sw_transport on fcoe_transports list. This causes panic when reinserting module. BUG: unable to handle page fault for address: fffffbfff82e2213 RIP: 0010:fcoe_transport_attach+0xe1/0x230 [libfcoe] Call Trace:
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50411 – ACPICA: Fix error code path in acpi_ds_call_control_method()
https://notcve.org/view.php?id=CVE-2022-50411
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix error code path in acpi_ds_call_control_method() A use-after-free in acpi_ps_parse_aml() after a failing invocaion of acpi_ds_call_control_method() is reported by KASAN [1] and code inspection reveals that next_walk_state pushed to the thread by acpi_ds_create_walk_state() is freed on errors, but it is not popped from the thread beforehand. Thus acpi_ds_get_current_walk_state() called by acpi_ps_parse_aml() subsequently returns ... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50410 – NFSD: Protect against send buffer overflow in NFSv2 READ
https://notcve.org/view.php?id=CVE-2022-50410
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This works because there are no cases where an operation needs a large RPC Call message and a large RPC Reply at the same time. Once an RPC Call has been received, svc_process() updates svc_rqst::rq_res to describe the pa... • https://git.kernel.org/stable/c/4452435948424e5322c2a2fefbdc2cf3732cc45d • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50408 – wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
https://notcve.org/view.php?id=CVE-2022-50408
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); may be schedule, and then complete before the line > ndev->stats.tx_bytes += skb->len; [ 46.912801] ================================================================== [ 46.920552] BUG: KASAN: use-after-free in brcmf_netdev_start_xmit+0x718/0x8c8 [brcmfmac] [ 46.928673] Read of size 4 at addr ffffff803f5882e8 by task ... • https://git.kernel.org/stable/c/b1a2a41126fc582a3d5613aa2d3e632b2eb1a2c4 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50406 – iomap: iomap: fix memory corruption when recording errors during writeback
https://notcve.org/view.php?id=CVE-2022-50406
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev dm-0, logical block 8733687, async page read Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 translation fault Data abort i... • https://git.kernel.org/stable/c/150d5be09ce49a9bed6feb7b7dc4e5ae188778ec • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •