linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54232 | — | >= 2.6.18, < 4.14.312 | 4.14.312 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table __get_kernel_nofault() does copy data in supervisor mode when forcing a task backtrace log through /proc/sysrq_trigger. This is expected cause a bus e | ||
| CVE-2023-54231 | — | >= 6.3.0, < 6.3.2 | 6.3.2 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix memory leak in wx_setup_rx_resources When wx_alloc_page_pool() failed in wx_setup_rx_resources(), it doesn't release DMA buffer. Add dma_free_coherent() in the error path to release the DMA buff | ||
| CVE-2023-54230 | — | >= 3.1.0, < 4.14.326 | 4.14.326 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By us | ||
| CVE-2023-54229 | — | >= 5.9.0, < 5.10.188 | 5.10.188 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register: | ||
| CVE-2023-54228 | — | >= 6.5.0, < 6.5.4 | 6.5.4 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: raa215300: Fix resource leak in case of error The clk_register_clkdev() allocates memory by calling vclkdev_alloc() and this memory is not freed in the error path. Similarly, resources allocated by c | ||
| CVE-2023-54227 | — | >= 5.16.0, < 6.5.5 | 6.5.5 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs | ||
| CVE-2023-54226 | — | >= 2.6.12, < 4.19.284 | 4.19.284 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_po | ||
| CVE-2023-54225 | — | >= 6.1.0, < 6.1.45 | 6.1.45 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a c | ||
| CVE-2023-54224 | — | >= 5.15.0, < 5.15.133 | 5.15.133 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to inser | ||
| CVE-2023-54223 | — | >= 6.4.5, < 6.4.10 | 6.4.10 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDP_REDIRECT path, and then once again in | ||
| CVE-2023-54222 | — | >= 5.19.0, < 6.1.28 | 6.1.28 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the > comparison needs to be changed to >= to prevent an out of bounds read. | ||
| CVE-2023-54221 | — | >= 5.18.0, < 6.1.39 | 6.1.39 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line | ||
| CVE-2023-54220 | — | < 4.14.324 | 4.14.324 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading | ||
| CVE-2023-54219 | — | < 4.14.326 | 4.14.326 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. --------- | ||
| CVE-2023-54218 | — | >= 4.12.0, < 4.14.316 | 4.14.316 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). KCSAN found a data race in sock_recv_cmsgs() where the read access to sk->sk_stamp needs READ_ONCE(). BUG: KCSAN: data-race in packet_recvmsg / packe | ||
| CVE-2023-54217 | — | >= 6.3.0, < 6.3.2 | 6.3.2 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msm_drm_init() paths with respe | ||
| CVE-2023-54216 | — | >= 6.3.0, < 6.3.6 | 6.3.6 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the eswitch object mapping pool while in nic mode where it isn't initialized. This results in the trace below [0]. Fix that by using ei | ||
| CVE-2023-54215 | — | >= 6.4.0, < 6.4.12 | 6.4.12 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs() Free the cpumask allocated by create_affinity_masks() before returning from the function. | ||
| CVE-2023-54214 | — | >= 3.5.0, < 4.14.308 | 4.14.308 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling alloc_skb which may release the chan lock and reacquire later which makes it possible that | ||
| CVE-2023-54213 | — | >= 2.6.12, < 4.14.316 | 4.14.316 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID |
- CVE-2023-54232Dec 30, 2025affected >= 2.6.18, < 4.14.312fixed 4.14.312
In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table __get_kernel_nofault() does copy data in supervisor mode when forcing a task backtrace log through /proc/sysrq_trigger. This is expected cause a bus e
- CVE-2023-54231Dec 30, 2025affected >= 6.3.0, < 6.3.2fixed 6.3.2
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix memory leak in wx_setup_rx_resources When wx_alloc_page_pool() failed in wx_setup_rx_resources(), it doesn't release DMA buffer. Add dma_free_coherent() in the error path to release the DMA buff
- CVE-2023-54230Dec 30, 2025affected >= 3.1.0, < 4.14.326fixed 4.14.326
In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By us
- CVE-2023-54229Dec 30, 2025affected >= 5.9.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register:
- CVE-2023-54228Dec 30, 2025affected >= 6.5.0, < 6.5.4fixed 6.5.4
In the Linux kernel, the following vulnerability has been resolved: regulator: raa215300: Fix resource leak in case of error The clk_register_clkdev() allocates memory by calling vclkdev_alloc() and this memory is not freed in the error path. Similarly, resources allocated by c
- CVE-2023-54227Dec 30, 2025affected >= 5.16.0, < 6.5.5fixed 6.5.5
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs
- CVE-2023-54226Dec 30, 2025affected >= 2.6.12, < 4.19.284fixed 4.19.284
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_po
- CVE-2023-54225Dec 30, 2025affected >= 6.1.0, < 6.1.45fixed 6.1.45
In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a c
- CVE-2023-54224Dec 30, 2025affected >= 5.15.0, < 5.15.133fixed 5.15.133
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to inser
- CVE-2023-54223Dec 30, 2025affected >= 6.4.5, < 6.4.10fixed 6.4.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDP_REDIRECT path, and then once again in
- CVE-2023-54222Dec 30, 2025affected >= 5.19.0, < 6.1.28fixed 6.1.28
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the > comparison needs to be changed to >= to prevent an out of bounds read.
- CVE-2023-54221Dec 30, 2025affected >= 5.18.0, < 6.1.39fixed 6.1.39
In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line
- CVE-2023-54220Dec 30, 2025affected < 4.14.324fixed 4.14.324
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading
- CVE-2023-54219Dec 30, 2025affected < 4.14.326fixed 4.14.326
In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. ---------
- CVE-2023-54218Dec 30, 2025affected >= 4.12.0, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). KCSAN found a data race in sock_recv_cmsgs() where the read access to sk->sk_stamp needs READ_ONCE(). BUG: KCSAN: data-race in packet_recvmsg / packe
- CVE-2023-54217Dec 30, 2025affected >= 6.3.0, < 6.3.2fixed 6.3.2
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msm_drm_init() paths with respe
- CVE-2023-54216Dec 30, 2025affected >= 6.3.0, < 6.3.6fixed 6.3.6
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the eswitch object mapping pool while in nic mode where it isn't initialized. This results in the trace below [0]. Fix that by using ei
- CVE-2023-54215Dec 30, 2025affected >= 6.4.0, < 6.4.12fixed 6.4.12
In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs() Free the cpumask allocated by create_affinity_masks() before returning from the function.
- CVE-2023-54214Dec 30, 2025affected >= 3.5.0, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling alloc_skb which may release the chan lock and reacquire later which makes it possible that
- CVE-2023-54213Dec 30, 2025affected >= 2.6.12, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID
Page 26 of 88