linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54190 | — | >= 5.6.0, < 5.10.173 | 5.10.173 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in of_led_get() class_find_device_by_of_node() calls class_find_device(), it will take the reference, use the put_device() to drop the reference when not need anymore. | ||
| CVE-2023-54189 | — | < 5.4.251 | 5.4.251 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. | ||
| CVE-2023-54188 | — | >= 6.0.0, < 6.1.25 | 6.1.25 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'current_tx' not getting freed In terminate_all we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'submitted' lists, but the 'c | ||
| CVE-2023-54187 | — | >= 3.19.0, < 5.4.243 | 5.4.243 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when m | ||
| CVE-2023-54186 | — | >= 4.19.0, < 4.19.284 | 4.19.284 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show when get_current_pin_assignments returns 0 i.e. no compatible pin assignments are | ||
| CVE-2023-54185 | — | >= 2.6.29, < 6.1.45 | 6.1.45 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space cache. Such failures are m | ||
| CVE-2023-54184 | — | >= 3.12.0, < 5.4.244 | 5.4.244 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain | ||
| CVE-2023-54183 | — | >= 4.13.0, < 4.19.295 | 4.19.295 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op. Release the reference t | ||
| CVE-2023-54182 | — | >= 5.2.0, < 5.15.113 | 5.15.113 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2f | ||
| CVE-2023-54181 | — | >= 5.8.0, < 6.1.53 | 6.1.53 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it | ||
| CVE-2023-54180 | — | >= 3.8.0, < 6.0.19 | 6.0.19 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON() in btrfs_repair_io_failure() (originally repair_io_failure() in v6.0 kernel) got triggered when replacing a un | ||
| CVE-2023-54179 | — | >= 2.6.12, < 4.19.291 | 4.19.291 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf(). | ||
| CVE-2023-54178 | — | >= 4.14.0, < 4.14.326 | 4.14.326 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() when kmalloc() fail to allocate memory in kasprintf(), name or full_name will be NULL, strcmp() will cause null pointer dereferenc | ||
| CVE-2023-54177 | — | >= 3.15.0, < 4.14.324 | 4.14.324 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquot_disable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: | ||
| CVE-2023-54176 | — | >= 5.11.0, < 5.15.108 | 5.15.108 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect() // incoming reset + fastclose // th | ||
| CVE-2023-54175 | — | >= 5.16.0, < 6.1.28 | 6.1.28 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path The xiic_xfer() function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is curr | ||
| CVE-2023-54174 | — | >= 6.2.0, < 6.2.3 | 6.2.3 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd group->iommufd is not initialized for the iommufd_ctx_put() [20018.331541] BUG: kernel NULL pointer dereference, address: 0000000000000 | ||
| CVE-2023-54173 | — | >= 5.7.0, < 5.10.190 | 5.10.190 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash, which is caused by using nesting protection without disabled preemption. The bpf_event_output can be called by programs execu | ||
| CVE-2023-54172 | — | >= 5.18.0, < 6.1.45 | 6.1.45 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking (IBT), Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, curre | ||
| CVE-2023-54171 | — | >= 5.7.0, < 5.10.188 | 5.10.188 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak of iter->temp when reading trace_pipe kmemleak reports: unreferenced object 0xffff88814d14e200 (size 256): comm "cat", pid 336, jiffies 4294871818 (age 779.490s) hex dump (fir |
- CVE-2023-54190Dec 30, 2025affected >= 5.6.0, < 5.10.173fixed 5.10.173
In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in of_led_get() class_find_device_by_of_node() calls class_find_device(), it will take the reference, use the put_device() to drop the reference when not need anymore.
- CVE-2023-54189Dec 30, 2025affected < 5.4.251fixed 5.4.251
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
- CVE-2023-54188Dec 30, 2025affected >= 6.0.0, < 6.1.25fixed 6.1.25
In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'current_tx' not getting freed In terminate_all we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'submitted' lists, but the 'c
- CVE-2023-54187Dec 30, 2025affected >= 3.19.0, < 5.4.243fixed 5.4.243
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when m
- CVE-2023-54186Dec 30, 2025affected >= 4.19.0, < 4.19.284fixed 4.19.284
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show when get_current_pin_assignments returns 0 i.e. no compatible pin assignments are
- CVE-2023-54185Dec 30, 2025affected >= 2.6.29, < 6.1.45fixed 6.1.45
In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space cache. Such failures are m
- CVE-2023-54184Dec 30, 2025affected >= 3.12.0, < 5.4.244fixed 5.4.244
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain
- CVE-2023-54183Dec 30, 2025affected >= 4.13.0, < 4.19.295fixed 4.19.295
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op. Release the reference t
- CVE-2023-54182Dec 30, 2025affected >= 5.2.0, < 5.15.113fixed 5.15.113
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2f
- CVE-2023-54181Dec 30, 2025affected >= 5.8.0, < 6.1.53fixed 6.1.53
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it
- CVE-2023-54180Dec 30, 2025affected >= 3.8.0, < 6.0.19fixed 6.0.19
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON() in btrfs_repair_io_failure() (originally repair_io_failure() in v6.0 kernel) got triggered when replacing a un
- CVE-2023-54179Dec 30, 2025affected >= 2.6.12, < 4.19.291fixed 4.19.291
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf().
- CVE-2023-54178Dec 30, 2025affected >= 4.14.0, < 4.14.326fixed 4.14.326
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() when kmalloc() fail to allocate memory in kasprintf(), name or full_name will be NULL, strcmp() will cause null pointer dereferenc
- CVE-2023-54177Dec 30, 2025affected >= 3.15.0, < 4.14.324fixed 4.14.324
In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquot_disable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm:
- CVE-2023-54176Dec 30, 2025affected >= 5.11.0, < 5.15.108fixed 5.15.108
In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect() // incoming reset + fastclose // th
- CVE-2023-54175Dec 30, 2025affected >= 5.16.0, < 6.1.28fixed 6.1.28
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path The xiic_xfer() function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is curr
- CVE-2023-54174Dec 30, 2025affected >= 6.2.0, < 6.2.3fixed 6.2.3
In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd group->iommufd is not initialized for the iommufd_ctx_put() [20018.331541] BUG: kernel NULL pointer dereference, address: 0000000000000
- CVE-2023-54173Dec 30, 2025affected >= 5.7.0, < 5.10.190fixed 5.10.190
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash, which is caused by using nesting protection without disabled preemption. The bpf_event_output can be called by programs execu
- CVE-2023-54172Dec 30, 2025affected >= 5.18.0, < 6.1.45fixed 6.1.45
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking (IBT), Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, curre
- CVE-2023-54171Dec 30, 2025affected >= 5.7.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak of iter->temp when reading trace_pipe kmemleak reports: unreferenced object 0xffff88814d14e200 (size 256): comm "cat", pid 336, jiffies 4294871818 (age 779.490s) hex dump (fir
Page 28 of 88