linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54315 | — | >= 5.9.0, < 5.10.188 | 5.10.188 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by | ||
| CVE-2023-54314 | — | >= 2.6.23, < 4.14.326 | 4.14.326 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data fi | ||
| CVE-2023-54313 | — | >= 5.15.0, < 5.15.121 | 5.15.121 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_p | ||
| CVE-2023-54312 | — | >= 4.15.0, < 4.19.291 | 4.19.291 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct. | ||
| CVE-2023-54311 | — | >= 3.8.0, < 5.4.243 | 5.4.243 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken | ||
| CVE-2023-54310 | — | >= 2.6.12, < 4.14.316 | 4.14.316 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition mptlan_probe() calls mpt_register_lan_device() which initializes the &priv->post_buckets_task workqueue. A call to mpt_lan_ | ||
| CVE-2023-54309 | — | >= 4.8.0, < 4.14.322 | 4.14.322 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by | ||
| CVE-2023-54308 | — | >= 5.15.0, < 5.15.106 | 5.15.106 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snd_devm_card_new() snd_card_ymfpci_remove() was removed in commit c6e6bb5eab74 ("ALSA: ymfpci: Allocate resources with device-managed APIs"), but the call to snd_c | ||
| CVE-2023-54307 | — | >= 5.2.0, < 5.4.240 | 5.4.240 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ptp_qoriq: fix memory leak in probe() Smatch complains that: drivers/ptp/ptp_qoriq.c ptp_qoriq_probe() warn: 'base' from ioremap() not released. Fix this by revising the parameter from 'ptp_qoriq->base' to 'ba | ||
| CVE-2023-54306 | — | >= 5.4.0, < 5.4.235 | 5.4.235 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thr | ||
| CVE-2023-54305 | — | >= 4.13.0, < 4.14.308 | 4.14.308 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access s_root while it is already set as NULL when umount is triggered. Refuse this request to avoid panic. | ||
| CVE-2023-54304 | — | >= 5.5.0, < 5.10.195 | 5.10.195 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device. | ||
| CVE-2023-54303 | — | >= 6.0.0, < 6.1.45 | 6.1.45 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_perf_event_output The nesting protection in bpf_perf_event_output relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpf_perf_event_output ca | ||
| CVE-2023-54302 | — | >= 5.14.0, < 5.15.124 | 5.15.124 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_cqp_progress while it can be updated in the completion thread irdma_sc_ccq_get_cq | ||
| CVE-2023-54301 | — | >= 5.13.0, < 5.15.113 | 5.15.113 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: 8250_bcm7271: fix leak in `brcmuart_probe` Smatch reports: drivers/tty/serial/8250/8250_bcm7271.c:1120 brcmuart_probe() warn: 'baud_mux_clk' from clk_prepare_enable() not released on lines: 1032. The i | ||
| CVE-2023-54300 | — | >= 2.6.35, < 4.14.322 | 4.14.322 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx For the reasons also described in commit b383e8abed41 ("wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()"), ath9k_htc_rx_msg() should | ||
| CVE-2023-54299 | — | >= 4.19.0, < 5.4.257 | 5.4.257 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data | ||
| CVE-2023-54298 | — | >= 4.2.0, < 4.14.308 | 4.14.308 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quark_dts: fix error pointer dereference If alloc_soc_dts() fails, then we can just return. Trying to free "soc_dts" will lead to an Oops. | ||
| CVE-2023-54297 | — | >= 5.11.0, < 5.15.123 | 5.15.123 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At exclude_super_stripes(), if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we e | ||
| CVE-2023-54296 | — | >= 5.19.0, < 6.1.54 | 6.1.54 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the destination VM when doing intrahost migration. Grabbing the wrong vCPU not only |
- CVE-2023-54315Dec 30, 2025affected >= 5.9.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by
- CVE-2023-54314Dec 30, 2025affected >= 2.6.23, < 4.14.326fixed 4.14.326
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data fi
- CVE-2023-54313Dec 30, 2025affected >= 5.15.0, < 5.15.121fixed 5.15.121
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_p
- CVE-2023-54312Dec 30, 2025affected >= 4.15.0, < 4.19.291fixed 4.19.291
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct.
- CVE-2023-54311Dec 30, 2025affected >= 3.8.0, < 5.4.243fixed 5.4.243
In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken
- CVE-2023-54310Dec 30, 2025affected >= 2.6.12, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition mptlan_probe() calls mpt_register_lan_device() which initializes the &priv->post_buckets_task workqueue. A call to mpt_lan_
- CVE-2023-54309Dec 30, 2025affected >= 4.8.0, < 4.14.322fixed 4.14.322
In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by
- CVE-2023-54308Dec 30, 2025affected >= 5.15.0, < 5.15.106fixed 5.15.106
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snd_devm_card_new() snd_card_ymfpci_remove() was removed in commit c6e6bb5eab74 ("ALSA: ymfpci: Allocate resources with device-managed APIs"), but the call to snd_c
- CVE-2023-54307Dec 30, 2025affected >= 5.2.0, < 5.4.240fixed 5.4.240
In the Linux kernel, the following vulnerability has been resolved: ptp_qoriq: fix memory leak in probe() Smatch complains that: drivers/ptp/ptp_qoriq.c ptp_qoriq_probe() warn: 'base' from ioremap() not released. Fix this by revising the parameter from 'ptp_qoriq->base' to 'ba
- CVE-2023-54306Dec 30, 2025affected >= 5.4.0, < 5.4.235fixed 5.4.235
In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the tx_lock syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thr
- CVE-2023-54305Dec 30, 2025affected >= 4.13.0, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access s_root while it is already set as NULL when umount is triggered. Refuse this request to avoid panic.
- CVE-2023-54304Dec 30, 2025affected >= 5.5.0, < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device.
- CVE-2023-54303Dec 30, 2025affected >= 6.0.0, < 6.1.45fixed 6.1.45
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_perf_event_output The nesting protection in bpf_perf_event_output relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpf_perf_event_output ca
- CVE-2023-54302Dec 30, 2025affected >= 5.14.0, < 5.15.124fixed 5.15.124
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_cqp_progress while it can be updated in the completion thread irdma_sc_ccq_get_cq
- CVE-2023-54301Dec 30, 2025affected >= 5.13.0, < 5.15.113fixed 5.15.113
In the Linux kernel, the following vulnerability has been resolved: serial: 8250_bcm7271: fix leak in `brcmuart_probe` Smatch reports: drivers/tty/serial/8250/8250_bcm7271.c:1120 brcmuart_probe() warn: 'baud_mux_clk' from clk_prepare_enable() not released on lines: 1032. The i
- CVE-2023-54300Dec 30, 2025affected >= 2.6.35, < 4.14.322fixed 4.14.322
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx For the reasons also described in commit b383e8abed41 ("wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()"), ath9k_htc_rx_msg() should
- CVE-2023-54299Dec 30, 2025affected >= 4.19.0, < 5.4.257fixed 5.4.257
In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data
- CVE-2023-54298Dec 30, 2025affected >= 4.2.0, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quark_dts: fix error pointer dereference If alloc_soc_dts() fails, then we can just return. Trying to free "soc_dts" will lead to an Oops.
- CVE-2023-54297Dec 30, 2025affected >= 5.11.0, < 5.15.123fixed 5.15.123
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At exclude_super_stripes(), if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we e
- CVE-2023-54296Dec 30, 2025affected >= 5.19.0, < 6.1.54fixed 6.1.54
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the destination VM when doing intrahost migration. Grabbing the wrong vCPU not only
Page 22 of 88