CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54010 – ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
https://notcve.org/view.php?id=CVE-2023-54010
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects ACPICA commit 0d5f467d6a0ba852ea3aad68663cbcbd43300fd4 ACPI_ALLOCATE_ZEROED may fails, object_info might be null and will cause null pointer dereference later. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/9957510255724c1c746c9a6264c849e9fdd4cd24 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54007 – vmci_host: fix a race condition in vmci_host_poll() causing GPF
https://notcve.org/view.php?id=CVE-2023-54007
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: vmci_host: fix a race condition in vmci_host_poll() causing GPF During fuzzing, a general protection fault is observed in vmci_host_poll(). general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf] RIP: 0010:__lock_acquire+0xf3/0x5e00 kernel/locking/lockdep.c:4926 <- omitting registers -> Call Trace:
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54006 – af_unix: Fix data-race around unix_tot_inflight.
https://notcve.org/view.php?id=CVE-2023-54006
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-race around unix_tot_inflight. unix_tot_inflight is changed under spin_lock(unix_gc_lock), but unix_release_sock() reads it locklessly. Let's use READ_ONCE() for unix_tot_inflight. Note that the writer side was marked by commit 9d6d7f1cb67c ("af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress") BUG: KCSAN: data-race in unix_inflight / unix_release_sock write (marked) to 0xffffffff871852b8 of 4 bytes by... • https://git.kernel.org/stable/c/9305cfa4443dbfb99faf35c5603ec0c0e91b5ef8 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54005 – binder: fix memory leak in binder_init()
https://notcve.org/view.php?id=CVE-2023-54005
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: binder: fix memory leak in binder_init() In binder_init(), the destruction of binder_alloc_shrinker_init() is not performed in the wrong path, which will cause memory leaks. So this commit introduces binder_alloc_shrinker_exit() and calls it in the wrong path to fix that. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/f2517eb76f1f2f7f89761f9db2b202e89931738c •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-54004 – udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().
https://notcve.org/view.php?id=CVE-2023-54004
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). syzbot reported [0] a null-ptr-deref in sk_get_rmem0() while using IPPROTO_UDPLITE (0x88): 14:25:52 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x88) We had a similar report [1] for probably sk_memory_allocated_add() in __sk_mem_raise_allocated(), and commit c915fe13cbaa ("udplite: fix NULL pointer dereference") fixed it by setting .memory_allocated for udplite_pr... • https://git.kernel.org/stable/c/850cbaddb52dfd4e0c7cabe2c168dd34b44ae0b9 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-54003 – RDMA/core: Fix GID entry ref leak when create_ah fails
https://notcve.org/view.php?id=CVE-2023-54003
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrence leak reported while releasing GID table The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/1a1f460ff151710289c2f8d4badd8b603b87d610 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-54001 – staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
https://notcve.org/view.php?id=CVE-2023-54001
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in _r8712_init_xmit_priv() In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit 2865d42c78a9 ("staging: r8712u: Add the new driver to the mainline kernel"). A potential memory leak in r8712_xmit_resource_alloc() is also addressed. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix va... • https://git.kernel.org/stable/c/2865d42c78a9121caad52cb02d1fbb7f5cdbc4ef •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53998 – hwrng: virtio - Fix race on data_avail and actual data
https://notcve.org/view.php?id=CVE-2023-53998
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on data_avail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the result of that request is only needed by the next reader, then there is a race between the writing of the new data and the next reader. This is because there is no synchronisation whatsoever between the writer and the... • https://git.kernel.org/stable/c/f7f510ec195781c857ab76366a3e1c59e1caae42 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53995 – net: ipv4: fix one memleak in __inet_del_ifa()
https://notcve.org/view.php?id=CVE-2023-53995
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0 type bond sysctl -w net.ipv4.conf.bond0.promote_secondaries=1 ip addr add 4.117.174.103/0 scope 0x40 dev bond0 ip addr add 192.168.100.111/255.255.255.254 scope 0 dev bond0 ip addr add 0.0.0.4/0 scope 0x40 secondary dev bond0 ip addr de... • https://git.kernel.org/stable/c/0ff60a45678e67b2547256a636fd00c1667ce4fa •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53994 – ionic: remove WARN_ON to prevent panic_on_warn
https://notcve.org/view.php?id=CVE-2023-53994
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ionic: remove WARN_ON to prevent panic_on_warn Remove unnecessary early code development check and the WARN_ON that it uses. The irq alloc and free paths have long been cleaned up and this check shouldn't have stuck around so long. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/77ceb68e29ccd25d923b6af59e74ecaf736cc4b7 •