linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54126 | — | >= 4.13.0, < 5.4.243 | 5.4.243 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure | ||
| CVE-2023-54125 | — | >= 6.2.0, < 6.4.12 | 6.4.12 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return | ||
| CVE-2023-54124 | — | >= 4.19.0, < 4.19.284 | 4.19.284 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount() if cp_error is set xfstest generic/361 reports a bug as below: f2fs_bug_on(sbi, sbi->fsync_node_num); kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fs_put_s | ||
| CVE-2023-54123 | — | >= 4.12.0, < 4.19.283 | 4.19.283 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak for 'conf->bio_split' In the error path of raid10_run(), 'conf' need be freed, however, 'conf->bio_split' is missed and memory will be leaked. Since there are 3 places to free 'conf', fa | ||
| CVE-2023-54122 | — | >= 5.3.0, < 5.4.235 | 5.4.235 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in __drm_atomic_helper_crtc_reset. Patchwork: h | ||
| CVE-2023-54121 | — | >= 2.6.33, < 6.1.47 | 6.1.47 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add | ||
| CVE-2023-54120 | — | >= 2.6.12, < 4.14.313 | 4.14.313 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to use-after-free. For instance, the timer is active while hidp_del_timer is called | ||
| CVE-2023-54119 | — | >= 2.6.31, < 5.4.243 | 5.4.243 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 an | ||
| CVE-2023-54118 | — | >= 3.16.0, < 5.10.173 | 5.10.173 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the G | ||
| CVE-2023-54117 | — | >= 5.17.0, < 6.1.53 | 6.1.53 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly | ||
| CVE-2023-54116 | — | >= 5.18.0, < 6.1.30 | 6.1.30 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibit potential out-of-bounds access The fbdev test of IGT may write after EOF, which lead to out-of-bound access for drm drivers with fbdev-generic. For example, run fbdev test on a x86+a | ||
| CVE-2023-54115 | — | >= 2.6.12, < 4.14.324 | 4.14.324 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing | ||
| CVE-2023-54114 | — | >= 4.14.0, < 4.14.316 | 4.14.316 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong skb->mac_header in nsh_gso_segment(): invalid opcode: 0000 [#1] PREEMPT SMP KASAN | ||
| CVE-2023-54113 | — | >= 5.12.0, < 5.15.132 | 5.15.132 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invo | ||
| CVE-2023-54112 | — | >= 4.6.0, < 4.14.326 | 4.14.326 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 429 | ||
| CVE-2023-54111 | — | >= 3.11.0, < 4.14.308 | 4.14.308 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups of_find_node_by_phandle() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add m | ||
| CVE-2023-54110 | — | >= 2.6.22, < 4.14.303 | 4.14.303 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: rndis_host: Secure rndis_query check against int overflow Variables off and len typed as uint32 in rndis_query function are controlled by incoming RNDIS response message thus their value may be manipulated | ||
| CVE-2023-54109 | — | >= 4.10.0, < 4.19.283 | 4.19.283 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: rcar_fdp1: Fix refcount leak in probe and remove function rcar_fcp_get() take reference, which should be balanced with rcar_fcp_put(). Add missing rcar_fcp_put() in fdp1_remove and the error paths of fdp | ||
| CVE-2023-54108 | — | < 5.4.235 | 5.4.235 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error [device addres | ||
| CVE-2023-54106 | — | >= 6.0.0, < 6.1.45 | 6.1.45 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th |
- CVE-2023-54126Dec 24, 2025affected >= 4.13.0, < 5.4.243fixed 5.4.243
In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure
- CVE-2023-54125Dec 24, 2025affected >= 6.2.0, < 6.4.12fixed 6.4.12
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return
- CVE-2023-54124Dec 24, 2025affected >= 4.19.0, < 4.19.284fixed 4.19.284
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount() if cp_error is set xfstest generic/361 reports a bug as below: f2fs_bug_on(sbi, sbi->fsync_node_num); kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fs_put_s
- CVE-2023-54123Dec 24, 2025affected >= 4.12.0, < 4.19.283fixed 4.19.283
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak for 'conf->bio_split' In the error path of raid10_run(), 'conf' need be freed, however, 'conf->bio_split' is missed and memory will be leaked. Since there are 3 places to free 'conf', fa
- CVE-2023-54122Dec 24, 2025affected >= 5.3.0, < 5.4.235fixed 5.4.235
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add check for cstate As kzalloc may fail and return NULL pointer, it should be better to check cstate in order to avoid the NULL pointer dereference in __drm_atomic_helper_crtc_reset. Patchwork: h
- CVE-2023-54121Dec 24, 2025affected >= 2.6.33, < 6.1.47fixed 6.1.47
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add
- CVE-2023-54120Dec 24, 2025affected >= 2.6.12, < 4.14.313fixed 4.14.313
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to use-after-free. For instance, the timer is active while hidp_del_timer is called
- CVE-2023-54119Dec 24, 2025affected >= 2.6.31, < 5.4.243fixed 5.4.243
In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 an
- CVE-2023-54118Dec 24, 2025affected >= 3.16.0, < 5.10.173fixed 5.10.173
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the G
- CVE-2023-54117Dec 24, 2025affected >= 5.17.0, < 6.1.53fixed 6.1.53
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly
- CVE-2023-54116Dec 24, 2025affected >= 5.18.0, < 6.1.30fixed 6.1.30
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibit potential out-of-bounds access The fbdev test of IGT may write after EOF, which lead to out-of-bound access for drm drivers with fbdev-generic. For example, run fbdev test on a x86+a
- CVE-2023-54115Dec 24, 2025affected >= 2.6.12, < 4.14.324fixed 4.14.324
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing
- CVE-2023-54114Dec 24, 2025affected >= 4.14.0, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong skb->mac_header in nsh_gso_segment(): invalid opcode: 0000 [#1] PREEMPT SMP KASAN
- CVE-2023-54113Dec 24, 2025affected >= 5.12.0, < 5.15.132fixed 5.15.132
In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invo
- CVE-2023-54112Dec 24, 2025affected >= 4.6.0, < 4.14.326fixed 4.14.326
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 429
- CVE-2023-54111Dec 24, 2025affected >= 3.11.0, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups of_find_node_by_phandle() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add m
- CVE-2023-54110Dec 24, 2025affected >= 2.6.22, < 4.14.303fixed 4.14.303
In the Linux kernel, the following vulnerability has been resolved: usb: rndis_host: Secure rndis_query check against int overflow Variables off and len typed as uint32 in rndis_query function are controlled by incoming RNDIS response message thus their value may be manipulated
- CVE-2023-54109Dec 24, 2025affected >= 4.10.0, < 4.19.283fixed 4.19.283
In the Linux kernel, the following vulnerability has been resolved: media: rcar_fdp1: Fix refcount leak in probe and remove function rcar_fcp_get() take reference, which should be balanced with rcar_fcp_put(). Add missing rcar_fcp_put() in fdp1_remove and the error paths of fdp
- CVE-2023-54108Dec 24, 2025affected < 5.4.235fixed 5.4.235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error [device addres
- CVE-2023-54106Dec 24, 2025affected >= 6.0.0, < 6.1.45fixed 6.1.45
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th
Page 36 of 88