CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50821 – SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
https://notcve.org/view.php?id=CVE-2022-50821
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails • https://git.kernel.org/stable/c/030d794bf49855f5e2a9e8dfbfad34211d1eb08b •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50817 – net: hsr: avoid possible NULL deref in skb_clone()
https://notcve.org/view.php?id=CVE-2022-50817
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_frame(). When/if create_stripped_skb_hsr() returns NULL, we must not attempt to call skb_clone(). While we are at it, replace a WARN_ONCE() by netdev_warn_once(). [1] general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x00000000... • https://git.kernel.org/stable/c/f266a683a4804dc499efc6c2206ef68efed029d0 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50816 – ipv6: ensure sane device mtu in tunnels
https://notcve.org/view.php?id=CVE-2022-50816
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report [1] with no reproducer hints at a bug in ip6_gre tunnel (dev:ip6gretap0) Since ipv6 mcast code makes sure to read dev->mtu once and applies a sanity check on it (see commit b9b312a7a451 "ipv6: mcast: better catch silly mtu values"), a remaining possibility is that a layer is able to set dev->mtu to an underflowed value (high order bit set). This could happen indeed in ip6gre_tnl_... • https://git.kernel.org/stable/c/c12b395a46646bab69089ce7016ac78177f6001f •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50815 – ext2: Add sanity checks for group and filesystem size
https://notcve.org/view.php?id=CVE-2022-50815
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount some crafted filesystems with extremely large group counts. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50813 – drivers: mcb: fix resource leak in mcb_probe()
https://notcve.org/view.php?id=CVE-2022-50813
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe() When probe hook function failed in mcb_probe(), it doesn't put the device. Compiled test only. • https://git.kernel.org/stable/c/7bc364097a89a0a9a5e5e4989d6b3e6fb2027a9e •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50810 – rapidio: devices: fix missing put_device in mport_cdev_open
https://notcve.org/view.php?id=CVE-2022-50810
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing put_device in mport_cdev_open When kfifo_alloc fails, the refcount of chdev->dev is left incremental. We should use put_device(&chdev->dev) to decrease the ref count of chdev->dev to avoid refcount leak. • https://git.kernel.org/stable/c/e8de370188d098bb49483c287b44925957c3c9b6 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50786 – media: s5p-mfc: Clear workbit to handle error condition
https://notcve.org/view.php?id=CVE-2022-50786
30 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSE_INSTANCE command, ctx_work_bits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic. This patch fixes this issue by making sure to clear ctx_work_bits always. • https://git.kernel.org/stable/c/818cd91ab8c6e42c2658c8e61f8462637c6f586b •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-68750 – usb: potential integer overflow in usbg_make_tpg()
https://notcve.org/view.php?id=CVE-2025-68750
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg() The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assigned to tpgt->tport_tpgt, which is defined as u16. This may cause an integer overflow when tpgt is greater than USHRT_MAX (65535). I haven't tried to trigger it myself, but it is possible to trigger it by calling usbg_make_tpg() with a large value for tpgt. I modified the type of tpgt to match tpgt->tport_tpgt and a... • https://git.kernel.org/stable/c/c52661d60f636d17e26ad834457db333bd1df494 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-54140 – nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
https://notcve.org/view.php?id=CVE-2023-54140
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that mark_buffer_dirty() called from __nilfs_mark_inode_dirty() or nilfs_palloc_commit_alloc_entry() may output a kernel warning, and can panic if the kernel is booted with panic_on_warn. This is because nilfs2 keeps buffer pointers in local structures for some metadata and reuses them, but such buffers may be fo... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-54134 – autofs: fix memory leak of waitqueues in autofs_catatonic_mode
https://notcve.org/view.php?id=CVE-2023-54134
24 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 (size 96): comm "syz-executor399", pid 3631, jiffies 4294964921 (age 23.870s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 9e 27 0b 81 88 ff ff ..........'..... 08 9e 27 0b 81 88 ff ff 00 00 00 00 00 00 00 00 ..'............. backtrace: [