linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54084 | — | >= 5.4.0, < 5.4.244 | 5.4.244 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if init_stream() failed, but it instead freed dg00x->rx_stream and returned success. This potentially lead | ||
| CVE-2023-54083 | — | >= 5.7.0, < 5.10.188 | 5.10.188 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy th | ||
| CVE-2023-54081 | — | >= 3.5.0, < 6.1.43 | 6.1.43 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols ex | ||
| CVE-2023-54080 | — | >= 6.5.0, < 6.5.3 | 6.5.3 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfs_reloc_clone_csums(), there is no checksum for the corresponding region. | ||
| CVE-2023-54079 | — | >= 3.3.0, < 4.14.316 | 4.14.316 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work ite | ||
| CVE-2023-54078 | — | >= 5.9.0, < 5.10.180 | 5.10.180 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is leaked in some probe-time error paths, as well as in the remove path. Fix it. | ||
| CVE-2023-54077 | — | >= 5.15.0, < 5.15.111 | 5.15.111 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfs_read_mft failed Label ATTR_ROOT in ntfs_read_mft() sets is_root = true and ni->ni_flags |= NI_FLAG_DIR, then next attr will goto label ATTR_ALLOC and alloc ni->dir.alloc_run. H | ||
| CVE-2023-54076 | — | >= 6.4.0, < 6.4.7 | 6.4.7 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the n | ||
| CVE-2023-54075 | — | >= 6.3.0, < 6.3.2 | 6.3.2 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info Add missing of_node_put()s before the returns to balance of_node_get()s and of_node_put()s, which may get unbalanced in case the for loop 'for_ea | ||
| CVE-2023-54074 | — | >= 5.18.0, < 6.1.31 | 6.1.31 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of post action infrastructure most of the users of encap attribute had been modified in order to obtain the correct attribute by call | ||
| CVE-2023-54073 | — | >= 6.1.0, < 6.1.28 | 6.1.28 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site The following crash was reported: [ 1950.279393] list_del corruption, ffff99560d485790->next is NULL [ 1950.279400] ------------[ cut he | ||
| CVE-2023-54072 | — | >= 5.6.0, < 5.10.193 | 5.10.193 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper l | ||
| CVE-2023-54071 | — | >= 5.19.0, < 6.1.30 | 6.1.30 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use work to update rate to avoid RCU warning The ieee80211_ops::sta_rc_update must be atomic, because ieee80211_chan_bw_change() holds rcu_read lock while calling drv_sta_rc_update(), so create a w | ||
| CVE-2023-54070 | — | >= 6.3.0, < 6.5.4 | 6.5.4 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the igb module could hang or crash (depending on the machine) when the module has be | ||
| CVE-2023-54069 | — | < 5.4.260 | 5.4.260 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if ac_g_ex.fe_l | ||
| CVE-2023-54068 | — | >= 5.6.0, < 5.10.180 | 5.10.180 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages() BUG_ON() will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void fo | ||
| CVE-2023-54067 | — | >= 4.5.0, < 6.1.39 | 6.1.39 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting free space root from the dirty cow roots list When deleting the free space tree we are deleting the free space root from the list fs_info->dirty_cowonly_roots without taking the lo | ||
| CVE-2023-54066 | — | >= 5.5.0, < 5.10.197 | 5.10.197 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer In gl861_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be pa | ||
| CVE-2023-54065 | — | >= 5.18.0, < 6.1.23 | 6.1.23 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: realtek: fix out-of-bounds access The probe function sets priv->chip_data to (void *)priv + sizeof(*priv) with the expectation that priv has enough trailing space. However, only realtek-smi actually | ||
| CVE-2023-54064 | — | >= 5.4.0, < 5.4.257 | 5.4.257 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function ca |
- CVE-2023-54084Dec 24, 2025affected >= 5.4.0, < 5.4.244fixed 5.4.244
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if init_stream() failed, but it instead freed dg00x->rx_stream and returned success. This potentially lead
- CVE-2023-54083Dec 24, 2025affected >= 5.7.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy th
- CVE-2023-54081Dec 24, 2025affected >= 3.5.0, < 6.1.43fixed 6.1.43
In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols ex
- CVE-2023-54080Dec 24, 2025affected >= 6.5.0, < 6.5.3fixed 6.5.3
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfs_reloc_clone_csums(), there is no checksum for the corresponding region.
- CVE-2023-54079Dec 24, 2025affected >= 3.3.0, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work ite
- CVE-2023-54078Dec 24, 2025affected >= 5.9.0, < 5.10.180fixed 5.10.180
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is leaked in some probe-time error paths, as well as in the remove path. Fix it.
- CVE-2023-54077Dec 24, 2025affected >= 5.15.0, < 5.15.111fixed 5.15.111
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak if ntfs_read_mft failed Label ATTR_ROOT in ntfs_read_mft() sets is_root = true and ni->ni_flags |= NI_FLAG_DIR, then next attr will goto label ATTR_ALLOC and alloc ni->dir.alloc_run. H
- CVE-2023-54076Dec 24, 2025affected >= 6.4.0, < 6.4.7fixed 6.4.7
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the n
- CVE-2023-54075Dec 24, 2025affected >= 6.3.0, < 6.3.2fixed 6.3.2
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info Add missing of_node_put()s before the returns to balance of_node_get()s and of_node_put()s, which may get unbalanced in case the for loop 'for_ea
- CVE-2023-54074Dec 24, 2025affected >= 5.18.0, < 6.1.31fixed 6.1.31
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of post action infrastructure most of the users of encap attribute had been modified in order to obtain the correct attribute by call
- CVE-2023-54073Dec 24, 2025affected >= 6.1.0, < 6.1.28fixed 6.1.28
In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site The following crash was reported: [ 1950.279393] list_del corruption, ffff99560d485790->next is NULL [ 1950.279400] ------------[ cut he
- CVE-2023-54072Dec 24, 2025affected >= 5.6.0, < 5.10.193fixed 5.10.193
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper l
- CVE-2023-54071Dec 24, 2025affected >= 5.19.0, < 6.1.30fixed 6.1.30
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use work to update rate to avoid RCU warning The ieee80211_ops::sta_rc_update must be atomic, because ieee80211_chan_bw_change() holds rcu_read lock while calling drv_sta_rc_update(), so create a w
- CVE-2023-54070Dec 24, 2025affected >= 6.3.0, < 6.5.4fixed 6.5.4
In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the igb module could hang or crash (depending on the machine) when the module has be
- CVE-2023-54069Dec 24, 2025affected < 5.4.260fixed 5.4.260
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end position of ext4_free_extent, this position may be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if ac_g_ex.fe_l
- CVE-2023-54068Dec 24, 2025affected >= 5.6.0, < 5.10.180fixed 5.10.180
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages() BUG_ON() will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void fo
- CVE-2023-54067Dec 24, 2025affected >= 4.5.0, < 6.1.39fixed 6.1.39
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting free space root from the dirty cow roots list When deleting the free space tree we are deleting the free space root from the list fs_info->dirty_cowonly_roots without taking the lo
- CVE-2023-54066Dec 24, 2025affected >= 5.5.0, < 5.10.197fixed 5.10.197
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer In gl861_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be pa
- CVE-2023-54065Dec 24, 2025affected >= 5.18.0, < 6.1.23fixed 6.1.23
In the Linux kernel, the following vulnerability has been resolved: net: dsa: realtek: fix out-of-bounds access The probe function sets priv->chip_data to (void *)priv + sizeof(*priv) with the expectation that priv has enough trailing space. However, only realtek-smi actually
- CVE-2023-54064Dec 24, 2025affected >= 5.4.0, < 5.4.257fixed 5.4.257
In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function ca
Page 38 of 88