CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53254 – cacheinfo: Fix shared_cpu_map to handle shared caches at different levels
https://notcve.org/view.php?id=CVE-2023-53254
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels The cacheinfo sets up the shared_cpu_map by checking whether the caches with the same index are shared between CPUs. However, this will trigger slab-out-of-bounds access if the CPUs do not have the same cache hierarchy. Another problem is the mismatched shared_cpu_map when the shared cache does not have the same index between CPUs. CPU0 I D L3 index 0 1 2 x ^ ^ ^ ^ in... • https://git.kernel.org/stable/c/246246cbde5e840012f853e27630ebb59f409486 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53244 – media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish
https://notcve.org/view.php?id=CVE-2023-53244
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer buf->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae911d71. We believe t... • https://git.kernel.org/stable/c/e15d1c12c5878b3a80d6573af1721e17264e0286 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50315 – ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
https://notcve.org/view.php?id=CVE-2022-50315
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS UBSAN complains about array-index-out-of-bounds: [ 1.980703] kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 [ 1.980709] kernel: index 15 is out of range for type 'ahci_em_priv [8]' [ 1.980713] kernel: CPU: 0 PID: 209 Comm: scsi_eh_8 Not tainted 5.15.0-25-generic #25-Ubuntu [ 1.980716] kernel: Hardware name: System manufacturer Sy... • https://git.kernel.org/stable/c/18f7ba4c2f4be6b37d925931f04d6cc28d88d1ee •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50312 – drivers: serial: jsm: fix some leaks in probe
https://notcve.org/view.php?id=CVE-2022-50312
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/03a8482c17dd0ae3251451d54cbbc03f930f21d5 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50309 – media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
https://notcve.org/view.php?id=CVE-2022-50309
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented,... • https://git.kernel.org/stable/c/df3305156f989339529b3d6744b898d498fb1f7b •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50301 – iommu/omap: Fix buffer overflow in debugfs
https://notcve.org/view.php?id=CVE-2022-50301
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix buffer overflow in debugfs There are two issues here: 1) The "len" variable needs to be checked before the very first write. Otherwise if omap2_iommu_dump_ctx() with "bytes" less than 32 it is a buffer overflow. 2) The snprintf() function returns the number of bytes that *would* have been copied if there were enough space. But we want to know the number of bytes which were *actually* copied so use scnprintf() instead. In the... • https://git.kernel.org/stable/c/bd4396f09a4a9e77423e92ec9448217ab46f6edf •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50297 – wifi: ath9k: verify the expected usb_endpoints are present
https://notcve.org/view.php?id=CVE-2022-50297
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. (In this case there was an interrupt endpoint where the driver expected a bulk endpoint.) The kernel needs to be able to handle such devices without getting an internal error. usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 3 PID: 500 at drivers/usb/core/urb.c:493 usb_submit_urb+0... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 • CWE-544: Missing Standardized Error Handling Mechanism •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50296 – UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
https://notcve.org/view.php?id=CVE-2022-50296
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected, cpu_max_bits_warn() generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ------------[ cut here ]------------ [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50294 – wifi: libertas: fix memory leak in lbs_init_adapter()
https://notcve.org/view.php?id=CVE-2022-50294
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path. In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path. This update provides the initi... • https://git.kernel.org/stable/c/7919b89c8276d657976d4d4d6b7cb58ea1aa08c3 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50293 – btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range
https://notcve.org/view.php?id=CVE-2022-50293
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range If we get -ENOMEM while dropping file extent items in a given range, at btrfs_drop_extents(), due to failure to allocate memory when attempting to increment the reference count for an extent or drop the reference count, we handle it with a BUG_ON(). This is excessive, instead we can simply abort the transaction and return the error to the caller. In fact most callers of... • https://git.kernel.org/stable/c/39279cc3d2704cfbf9c35dcb5bdd392159ae4625 •