CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53582 – wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds
https://notcve.org/view.php?id=CVE-2023-53582
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace() in brcmf_c_preinit_dcmds(). This buffer is filled with a CLM version string by memcpy() in brcmf_fil_iovar_data_get(). Ensure buf is null-terminated. Found by a modified version of syzkaller. [ 33.004414][ T1896] brcmfmac: b... • https://git.kernel.org/stable/c/fdd0bd88ceaecf729db103ac8836af5805dd2dc1 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53581 – net/mlx5e: Check for NOT_READY flag state after locking
https://notcve.org/view.php?id=CVE-2023-53581
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock. This opens a possibility for race condition when the flow is concurrently removed from unready_flows list by the workqueue task, which causes a double-removal from the list and a crash[0]. Fix the issue by moving the flag check inside the section protected by uplink_priv->unready_flows_lock mutex. ... • https://git.kernel.org/stable/c/ad86755b18d5edf1956f6d25c844f27289216877 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50505 – iommu/amd: Fix pci device refcount leak in ppr_notifier()
https://notcve.org/view.php?id=CVE-2022-50505
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifier() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put(). So call it before returning from ppr_notifier() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifi... • https://git.kernel.org/stable/c/daae2d25a4779b272a66ddd01f5810bcee822b9e • CWE-911: Improper Update of Reference Count •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50504 – powerpc/rtas: avoid scheduling in rtas_os_term()
https://notcve.org/view.php?id=CVE-2022-50504
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b BUG: sleeping function called from invalid context at arch/powerpc/kernel/rtas.c:618 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1, name: swapper/0 preempt_count: 2, expected: 0 CPU: 7 PID: 1 Comm:... • https://git.kernel.org/stable/c/507279db1819aacf4022e790b3fc8bc8cf56debf •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50503 – mtd: lpddr2_nvm: Fix possible null-ptr-deref
https://notcve.org/view.php?id=CVE-2022-50503
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2_nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resource_size(add_range) invoked, if platform_get_resource() returns NULL. In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2_nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resource_size(add_range) invoked, if platform_get_resource() returns NULL. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix variou... • https://git.kernel.org/stable/c/96ba9dd65788a0bd2a7d1e57ec78b7642f0ccc25 •
CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50501 – media: coda: Add check for dcoda_iram_alloc
https://notcve.org/view.php?id=CVE-2022-50501
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others. In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter der... • https://git.kernel.org/stable/c/b313bcc9a46795c0233a765411cef9a15caaa7fb •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-50500 – netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed
https://notcve.org/view.php?id=CVE-2022-50500
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed If some items in nsim_dev_resources_register() fail, memory leak will occur. The following is the memory leak information. unreferenced object 0xffff888074c02600 (size 128): comm "echo", pid 8159, jiffies 4294945184 (age 493.530s) hex dump (first 32 bytes): 40 47 ea 89 ff ff ff ff 01 00 00 00 00 00 00 00 @G.............. ff ff ff ff ff ff ff ff ff ff ff... • https://git.kernel.org/stable/c/37923ed6b8cea94d7d76038e2f72c57a0b45daab •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-50499 – media: dvb-core: Fix double free in dvb_register_device()
https://notcve.org/view.php?id=CVE-2022-50499
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvb_register_device() In function dvb_register_device() -> dvb_register_media_device() -> dvb_create_media_entity(), dvb->entity is allocated and initialized. If the initialization fails, it frees the dvb->entity, and return an error code. The caller takes the error code and handles the error by calling dvb_media_device_free(), which unregisters the entity and frees the field again if it is not NULL. As d... • https://git.kernel.org/stable/c/9db28659aa893c68f162b11fd63bb7f6a713e52f •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50497 – binfmt_misc: fix shift-out-of-bounds in check_special_flags
https://notcve.org/view.php?id=CVE-2022-50497
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace:
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50496 – dm cache: Fix UAF in destroy()
https://notcve.org/view.php?id=CVE-2022-50496
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). The SUSE Linux Enterprise 15 SP5 RT kern... • https://git.kernel.org/stable/c/c6b4fcbad044e6fffcc75bba160e720eb8d67d17 • CWE-825: Expired Pointer Dereference •