{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/vdpa/vdpa_user/vduse_dev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f9d46429de2a251e1e4962e1bf86c344d6336562",
              "status": "affected",
              "version": "28f6288eb63d5979fa6758e64f52e4d55cf184a8",
              "versionType": "git"
            },
            {
              "lessThan": "f06cf1e1a503169280467d12d2ec89bf2c30ace7",
              "status": "affected",
              "version": "28f6288eb63d5979fa6758e64f52e4d55cf184a8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/vdpa/vdpa_user/vduse_dev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "lessThan": "6.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.4",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvduse: fix NULL pointer dereference\n\nvduse_vdpa_set_vq_affinity callback can be called\nwith NULL value as cpu_mask when deleting the vduse\ndevice.\n\nThis patch resets virtqueue\u0027s IRQ affinity mask value\nto set all CPUs instead of dereferencing NULL cpu_mask.\n\n[ 4760.952149] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 4760.959110] #PF: supervisor read access in kernel mode\n[ 4760.964247] #PF: error_code(0x0000) - not-present page\n[ 4760.969385] PGD 0 P4D 0\n[ 4760.971927] Oops: 0000 [#1] PREEMPT SMP PTI\n[ 4760.976112] CPU: 13 PID: 2346 Comm: vdpa Not tainted 6.4.0-rc6+ #4\n[ 4760.982291] Hardware name: Dell Inc. PowerEdge R640/0W23H8, BIOS 2.8.1 06/26/2020\n[ 4760.989769] RIP: 0010:memcpy_orig+0xc5/0x130\n[ 4760.994049] Code: 16 f8 4c 89 07 4c 89 4f 08 4c 89 54 17 f0 4c 89 5c 17 f8 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 fa 08 72 1b \u003c4c\u003e 8b 06 4c 8b 4c 16 f8 4c 89 07 4c 89 4c 17 f8 c3 cc cc cc cc 66\n[ 4761.012793] RSP: 0018:ffffb1d565abb830 EFLAGS: 00010246\n[ 4761.018020] RAX: ffff9f4bf6b27898 RBX: ffff9f4be23969c0 RCX: ffff9f4bcadf6400\n[ 4761.025152] RDX: 0000000000000008 RSI: 0000000000000000 RDI: ffff9f4bf6b27898\n[ 4761.032286] RBP: 0000000000000000 R08: 0000000000000008 R09: 0000000000000000\n[ 4761.039416] R10: 0000000000000000 R11: 0000000000000600 R12: 0000000000000000\n[ 4761.046549] R13: 0000000000000000 R14: 0000000000000080 R15: ffffb1d565abbb10\n[ 4761.053680] FS:  00007f64c2ec2740(0000) GS:ffff9f635f980000(0000) knlGS:0000000000000000\n[ 4761.061765] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4761.067513] CR2: 0000000000000000 CR3: 0000001875270006 CR4: 00000000007706e0\n[ 4761.074645] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4761.081775] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4761.088909] PKRU: 55555554\n[ 4761.091620] Call Trace:\n[ 4761.094074]  \u003cTASK\u003e\n[ 4761.096180]  ? __die+0x1f/0x70\n[ 4761.099238]  ? page_fault_oops+0x171/0x4f0\n[ 4761.103340]  ? exc_page_fault+0x7b/0x180\n[ 4761.107265]  ? asm_exc_page_fault+0x22/0x30\n[ 4761.111460]  ? memcpy_orig+0xc5/0x130\n[ 4761.115126]  vduse_vdpa_set_vq_affinity+0x3e/0x50 [vduse]\n[ 4761.120533]  virtnet_clean_affinity.part.0+0x3d/0x90 [virtio_net]\n[ 4761.126635]  remove_vq_common+0x1a4/0x250 [virtio_net]\n[ 4761.131781]  virtnet_remove+0x5d/0x70 [virtio_net]\n[ 4761.136580]  virtio_dev_remove+0x3a/0x90\n[ 4761.140509]  device_release_driver_internal+0x19b/0x200\n[ 4761.145742]  bus_remove_device+0xc2/0x130\n[ 4761.149755]  device_del+0x158/0x3e0\n[ 4761.153245]  ? kernfs_find_ns+0x35/0xc0\n[ 4761.157086]  device_unregister+0x13/0x60\n[ 4761.161010]  unregister_virtio_device+0x11/0x20\n[ 4761.165543]  device_release_driver_internal+0x19b/0x200\n[ 4761.170770]  bus_remove_device+0xc2/0x130\n[ 4761.174782]  device_del+0x158/0x3e0\n[ 4761.178276]  ? __pfx_vdpa_name_match+0x10/0x10 [vdpa]\n[ 4761.183336]  device_unregister+0x13/0x60\n[ 4761.187260]  vdpa_nl_cmd_dev_del_set_doit+0x63/0xe0 [vdpa]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:29.754Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f9d46429de2a251e1e4962e1bf86c344d6336562"
        },
        {
          "url": "https://git.kernel.org/stable/c/f06cf1e1a503169280467d12d2ec89bf2c30ace7"
        }
      ],
      "title": "vduse: fix NULL pointer dereference",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54291",
    "datePublished": "2025-12-30T12:23:29.754Z",
    "dateReserved": "2025-12-30T12:06:44.527Z",
    "dateUpdated": "2025-12-30T12:23:29.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/cls_flower.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "253a3a324e0ebc2825de76a0f5f17b8383b2023d",
              "status": "affected",
              "version": "08a0063df3aed8d76a4034279117db12dbc1050f",
              "versionType": "git"
            },
            {
              "lessThan": "dd4f6bbfa646f258e5bcdfac57a5c413d687f588",
              "status": "affected",
              "version": "08a0063df3aed8d76a4034279117db12dbc1050f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/cls_flower.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: flower: fix filter idr initialization\n\nThe cited commit moved idr initialization too early in fl_change() which\nallows concurrent users to access the filter that is still being\ninitialized and is in inconsistent state, which, in turn, can cause NULL\npointer dereference [0]. Since there is no obvious way to fix the ordering\nwithout reverting the whole cited commit, alternative approach taken to\nfirst insert NULL pointer into idr in order to allocate the handle but\nstill cause fl_get() to return NULL and prevent concurrent users from\nseeing the filter while providing miss-to-action infrastructure with valid\nhandle id early in fl_change().\n\n[  152.434728] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN\n[  152.436163] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n[  152.437269] CPU: 4 PID: 3877 Comm: tc Not tainted 6.3.0-rc4+ #5\n[  152.438110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[  152.439644] RIP: 0010:fl_dump_key+0x8b/0x1d10 [cls_flower]\n[  152.440461] Code: 01 f2 02 f2 c7 40 08 04 f2 04 f2 c7 40 0c 04 f3 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 00 01 00 00 48 89 c8 48 c1 e8 03 \u003c0f\u003e b6 04 10 84 c0 74 08 3c 03 0f 8e 98 19 00 00 8b 13 85 d2 74 57\n[  152.442885] RSP: 0018:ffff88817a28f158 EFLAGS: 00010246\n[  152.443851] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[  152.444826] RDX: dffffc0000000000 RSI: ffffffff8500ae80 RDI: ffff88810a987900\n[  152.445791] RBP: ffff888179d88240 R08: ffff888179d8845c R09: ffff888179d88240\n[  152.446780] R10: ffffed102f451e48 R11: 00000000fffffff2 R12: ffff88810a987900\n[  152.447741] R13: ffffffff8500ae80 R14: ffff88810a987900 R15: ffff888149b3c738\n[  152.448756] FS:  00007f5eb2a34800(0000) GS:ffff88881ec00000(0000) knlGS:0000000000000000\n[  152.449888] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  152.450685] CR2: 000000000046ad19 CR3: 000000010b0bd006 CR4: 0000000000370ea0\n[  152.451641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[  152.452628] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[  152.453588] Call Trace:\n[  152.454032]  \u003cTASK\u003e\n[  152.454447]  ? netlink_sendmsg+0x7a1/0xcb0\n[  152.455109]  ? sock_sendmsg+0xc5/0x190\n[  152.455689]  ? ____sys_sendmsg+0x535/0x6b0\n[  152.456320]  ? ___sys_sendmsg+0xeb/0x170\n[  152.456916]  ? do_syscall_64+0x3d/0x90\n[  152.457529]  ? entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[  152.458321]  ? ___sys_sendmsg+0xeb/0x170\n[  152.458958]  ? __sys_sendmsg+0xb5/0x140\n[  152.459564]  ? do_syscall_64+0x3d/0x90\n[  152.460122]  ? entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[  152.460852]  ? fl_dump_key_options.part.0+0xea0/0xea0 [cls_flower]\n[  152.461710]  ? _raw_spin_lock+0x7a/0xd0\n[  152.462299]  ? _raw_read_lock_irq+0x30/0x30\n[  152.462924]  ? nla_put+0x15e/0x1c0\n[  152.463480]  fl_dump+0x228/0x650 [cls_flower]\n[  152.464112]  ? fl_tmplt_dump+0x210/0x210 [cls_flower]\n[  152.464854]  ? __kmem_cache_alloc_node+0x1a7/0x330\n[  152.465592]  ? nla_put+0x15e/0x1c0\n[  152.466160]  tcf_fill_node+0x515/0x9a0\n[  152.466766]  ? tc_setup_offload_action+0xf0/0xf0\n[  152.467463]  ? __alloc_skb+0x13c/0x2a0\n[  152.468067]  ? __build_skb_around+0x330/0x330\n[  152.468814]  ? fl_get+0x107/0x1a0 [cls_flower]\n[  152.469503]  tc_del_tfilter+0x718/0x1330\n[  152.470115]  ? is_bpf_text_address+0xa/0x20\n[  152.470765]  ? tc_ctl_chain+0xee0/0xee0\n[  152.471335]  ? __kernel_text_address+0xe/0x30\n[  152.471948]  ? unwind_get_return_address+0x56/0xa0\n[  152.472639]  ? __thaw_task+0x150/0x150\n[  152.473218]  ? arch_stack_walk+0x98/0xf0\n[  152.473839]  ? __stack_depot_save+0x35/0x4c0\n[  152.474501]  ? stack_trace_save+0x91/0xc0\n[  152.475119]  ? security_capable+0x51/0x90\n[  152.475741]  rtnetlink_rcv_msg+0x2c1/0x9d0\n[  152.476387]  ? rtnl_calcit.isra.0+0x2b0/0x2b0\n[  152.477042]\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:05.945Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/253a3a324e0ebc2825de76a0f5f17b8383b2023d"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd4f6bbfa646f258e5bcdfac57a5c413d687f588"
        }
      ],
      "title": "net/sched: flower: fix filter idr initialization",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54206",
    "datePublished": "2025-12-30T12:11:05.945Z",
    "dateReserved": "2025-12-30T12:06:44.499Z",
    "dateUpdated": "2025-12-30T12:11:05.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en/xsk/rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "58a113a35846d9a5bd759beb332e551e28451f09",
              "status": "affected",
              "version": "cbb5379362513cbff450df0457dc370da7244bec",
              "versionType": "git"
            },
            {
              "lessThan": "e0f52298fee449fec37e3e3c32df60008b509b16",
              "status": "affected",
              "version": "7abd955a58fb0fcd4e756fa2065c03ae488fcfa7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en/xsk/rx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.4.10",
              "status": "affected",
              "version": "6.4.5",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.10",
                  "versionStartIncluding": "6.4.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: xsk: Fix invalid buffer access for legacy rq\n\nThe below crash can be encountered when using xdpsock in rx mode for\nlegacy rq: the buffer gets released in the XDP_REDIRECT path, and then\nonce again in the driver. This fix sets the flag to avoid releasing on\nthe driver side.\n\nXSK handling of buffers for legacy rq was relying on the caller to set\nthe skip release flag. But the referenced fix started using fragment\ncounts for pages instead of the skip flag.\n\nCrash log:\n general protection fault, probably for non-canonical address 0xffff8881217e3a: 0000 [#1] SMP\n CPU: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.5.0-rc1+ #31\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:bpf_prog_03b13f331978c78c+0xf/0x28\n Code:  ...\n RSP: 0018:ffff88810082fc98 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff888138404901 RCX: c0ffffc900027cbc\n RDX: ffffffffa000b514 RSI: 00ffff8881217e32 RDI: ffff888138404901\n RBP: ffff88810082fc98 R08: 0000000000091100 R09: 0000000000000006\n R10: 0000000000000800 R11: 0000000000000800 R12: ffffc9000027a000\n R13: ffff8881217e2dc0 R14: ffff8881217e2910 R15: ffff8881217e2f00\n FS:  0000000000000000(0000) GS:ffff88852c800000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000564cb2e2cde0 CR3: 000000010e603004 CR4: 0000000000370eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n  \u003cTASK\u003e\n  ? die_addr+0x32/0x80\n  ? exc_general_protection+0x192/0x390\n  ? asm_exc_general_protection+0x22/0x30\n  ? 0xffffffffa000b514\n  ? bpf_prog_03b13f331978c78c+0xf/0x28\n  mlx5e_xdp_handle+0x48/0x670 [mlx5_core]\n  ? dev_gro_receive+0x3b5/0x6e0\n  mlx5e_xsk_skb_from_cqe_linear+0x6e/0x90 [mlx5_core]\n  mlx5e_handle_rx_cqe+0x55/0x100 [mlx5_core]\n  mlx5e_poll_rx_cq+0x87/0x6e0 [mlx5_core]\n  mlx5e_napi_poll+0x45e/0x6b0 [mlx5_core]\n  __napi_poll+0x25/0x1a0\n  net_rx_action+0x28a/0x300\n  __do_softirq+0xcd/0x279\n  ? sort_range+0x20/0x20\n  run_ksoftirqd+0x1a/0x20\n  smpboot_thread_fn+0xa2/0x130\n  kthread+0xc9/0xf0\n  ? kthread_complete_and_exit+0x20/0x20\n  ret_from_fork+0x1f/0x30\n  \u003c/TASK\u003e\n Modules linked in: mlx5_ib mlx5_core rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm ib_uverbs ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter overlay zram zsmalloc fuse [last unloaded: mlx5_core]\n ---[ end trace 0000000000000000 ]---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:17.389Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/58a113a35846d9a5bd759beb332e551e28451f09"
        },
        {
          "url": "https://git.kernel.org/stable/c/e0f52298fee449fec37e3e3c32df60008b509b16"
        }
      ],
      "title": "net/mlx5e: xsk: Fix invalid buffer access for legacy rq",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54223",
    "datePublished": "2025-12-30T12:11:17.389Z",
    "dateReserved": "2025-12-30T12:06:44.501Z",
    "dateUpdated": "2025-12-30T12:11:17.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/host/via-sdmmc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "076bcd2c93e16b05c10564e299d6e5d26a766d00",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "12b8e81b77c05c658efd9cde3585bbd65ae39b59",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "95025a8dd0ec015872f6c16473fe04d6264e68ca",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "f59ef2a47a228e51322ad76752a55a8917c56e38",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "63400da6cd37a9793c19bb6aed7131b58b975a04",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "0959cc1685eb19774300d43ef25e318b457b156b",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "0ec94795114edc7e24ec71849dce42bfa61dafa3",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "ba91b413983a9235792523c6b9f7ba2586c4d75d",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            },
            {
              "lessThan": "e4e46fb61e3bb4628170810d3f2b996b709b90d9",
              "status": "affected",
              "version": "f0bf7f61b8405224bc52fc9a3ccd167a68126e00",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/host/via-sdmmc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.31"
            },
            {
              "lessThan": "2.6.31",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.337",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.303",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.270",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.337",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.303",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.270",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.229",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.163",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.86",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: via-sdmmc: fix return value check of mmc_add_host()\n\nmmc_add_host() may return error, if we ignore its return value,\nit will lead two issues:\n1. The memory that allocated in mmc_alloc_host() is leaked.\n2. In the remove() path, mmc_remove_host() will be called to\n   delete device, but it\u0027s not added yet, it will lead a kernel\n   crash because of null-ptr-deref in device_del().\n\nFix this by checking the return value and goto error path which\nwill call mmc_free_host()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:03.286Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/076bcd2c93e16b05c10564e299d6e5d26a766d00"
        },
        {
          "url": "https://git.kernel.org/stable/c/12b8e81b77c05c658efd9cde3585bbd65ae39b59"
        },
        {
          "url": "https://git.kernel.org/stable/c/95025a8dd0ec015872f6c16473fe04d6264e68ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/f59ef2a47a228e51322ad76752a55a8917c56e38"
        },
        {
          "url": "https://git.kernel.org/stable/c/63400da6cd37a9793c19bb6aed7131b58b975a04"
        },
        {
          "url": "https://git.kernel.org/stable/c/0959cc1685eb19774300d43ef25e318b457b156b"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ec94795114edc7e24ec71849dce42bfa61dafa3"
        },
        {
          "url": "https://git.kernel.org/stable/c/ba91b413983a9235792523c6b9f7ba2586c4d75d"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4e46fb61e3bb4628170810d3f2b996b709b90d9"
        }
      ],
      "title": "mmc: via-sdmmc: fix return value check of mmc_add_host()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50846",
    "datePublished": "2025-12-30T12:11:03.286Z",
    "dateReserved": "2025-12-30T12:06:07.134Z",
    "dateUpdated": "2025-12-30T12:11:03.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/adreno_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "65a8b6d129cfcf63a2b8a36a63d275479ba6a217",
              "status": "affected",
              "version": "594726c93841c9e6182d3af540c6f317464bc23d",
              "versionType": "git"
            },
            {
              "lessThan": "b26bd7791f3cdf3c3318162b1d40c9d1910facca",
              "status": "affected",
              "version": "17e822f7591fb66162aca07685dc0b01468e5480",
              "versionType": "git"
            },
            {
              "lessThan": "399d01375659c273fb6ad9ccfb6e92bc5b891e0d",
              "status": "affected",
              "version": "17e822f7591fb66162aca07685dc0b01468e5480",
              "versionType": "git"
            },
            {
              "lessThan": "7af606b9eb11d6cdf767cabbddc326e20d0d4702",
              "status": "affected",
              "version": "17e822f7591fb66162aca07685dc0b01468e5480",
              "versionType": "git"
            },
            {
              "lessThan": "5fef23c1c0edceb44d16e64e7818f27d48b5bc38",
              "status": "affected",
              "version": "17e822f7591fb66162aca07685dc0b01468e5480",
              "versionType": "git"
            },
            {
              "lessThan": "dbeedbcb268d055d8895aceca427f897e12c2b50",
              "status": "affected",
              "version": "17e822f7591fb66162aca07685dc0b01468e5480",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/adreno_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.173",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.99",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.173",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.99",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.16",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.3",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()\n\nFix the below kernel panic due to null pointer access:\n[   18.504431] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048\n[   18.513464] Mem abort info:\n[   18.516346]   ESR = 0x0000000096000005\n[   18.520204]   EC = 0x25: DABT (current EL), IL = 32 bits\n[   18.525706]   SET = 0, FnV = 0\n[   18.528878]   EA = 0, S1PTW = 0\n[   18.532117]   FSC = 0x05: level 1 translation fault\n[   18.537138] Data abort info:\n[   18.540110]   ISV = 0, ISS = 0x00000005\n[   18.544060]   CM = 0, WnR = 0\n[   18.547109] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000112826000\n[   18.553738] [0000000000000048] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[   18.562690] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n**Snip**\n[   18.696758] Call trace:\n[   18.699278]  adreno_gpu_cleanup+0x30/0x88\n[   18.703396]  a6xx_destroy+0xc0/0x130\n[   18.707066]  a6xx_gpu_init+0x308/0x424\n[   18.710921]  adreno_bind+0x178/0x288\n[   18.714590]  component_bind_all+0xe0/0x214\n[   18.718797]  msm_drm_bind+0x1d4/0x614\n[   18.722566]  try_to_bring_up_aggregate_device+0x16c/0x1b8\n[   18.728105]  __component_add+0xa0/0x158\n[   18.732048]  component_add+0x20/0x2c\n[   18.735719]  adreno_probe+0x40/0xc0\n[   18.739300]  platform_probe+0xb4/0xd4\n[   18.743068]  really_probe+0xfc/0x284\n[   18.746738]  __driver_probe_device+0xc0/0xec\n[   18.751129]  driver_probe_device+0x48/0x110\n[   18.755421]  __device_attach_driver+0xa8/0xd0\n[   18.759900]  bus_for_each_drv+0x90/0xdc\n[   18.763843]  __device_attach+0xfc/0x174\n[   18.767786]  device_initial_probe+0x20/0x2c\n[   18.772090]  bus_probe_device+0x40/0xa0\n[   18.776032]  deferred_probe_work_func+0x94/0xd0\n[   18.780686]  process_one_work+0x190/0x3d0\n[   18.784805]  worker_thread+0x280/0x3d4\n[   18.788659]  kthread+0x104/0x1c0\n[   18.791981]  ret_from_fork+0x10/0x20\n[   18.795654] Code: f9400408 aa0003f3 aa1f03f4 91142015 (f9402516)\n[   18.801913] ---[ end trace 0000000000000000 ]---\n[   18.809039] Kernel panic - not syncing: Oops: Fatal exception\n\nPatchwork: https://patchwork.freedesktop.org/patch/515605/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:09:04.886Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/65a8b6d129cfcf63a2b8a36a63d275479ba6a217"
        },
        {
          "url": "https://git.kernel.org/stable/c/b26bd7791f3cdf3c3318162b1d40c9d1910facca"
        },
        {
          "url": "https://git.kernel.org/stable/c/399d01375659c273fb6ad9ccfb6e92bc5b891e0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/7af606b9eb11d6cdf767cabbddc326e20d0d4702"
        },
        {
          "url": "https://git.kernel.org/stable/c/5fef23c1c0edceb44d16e64e7818f27d48b5bc38"
        },
        {
          "url": "https://git.kernel.org/stable/c/dbeedbcb268d055d8895aceca427f897e12c2b50"
        }
      ],
      "title": "drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54199",
    "datePublished": "2025-12-30T12:09:04.886Z",
    "dateReserved": "2025-12-30T12:06:44.499Z",
    "dateUpdated": "2025-12-30T12:09:04.886Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b99f490ea87ebcca3a429fd8837067feb56a4c7c",
              "status": "affected",
              "version": "63fb45ddc491895c4b36664e0c2c3b548545ae93",
              "versionType": "git"
            },
            {
              "lessThan": "5ee28bcfbaacf289eb25c662a2862542ea6ce6a7",
              "status": "affected",
              "version": "1bf709b9625001eefdd41048c5f4c7544ee33394",
              "versionType": "git"
            },
            {
              "lessThan": "6b67a6d2e50634fe127e656147c81915955e9f5e",
              "status": "affected",
              "version": "3b4c15171c3ce9120c81f5564b9367d8d0f4219c",
              "versionType": "git"
            },
            {
              "lessThan": "e8f5f849ffce24490eb9449e98312b66c0dba76f",
              "status": "affected",
              "version": "da787d5b74983f7525d1eb4b9c0b4aff2821511a",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "cff7fb969edaeff2bc80c8a8f7cf7b0c8df32da7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.15.128",
              "status": "affected",
              "version": "5.15.121",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.47",
              "status": "affected",
              "version": "6.1.39",
              "versionType": "semver"
            },
            {
              "lessThan": "6.4.12",
              "status": "affected",
              "version": "6.4.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.128",
                  "versionStartIncluding": "5.15.121",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.47",
                  "versionStartIncluding": "6.1.39",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.12",
                  "versionStartIncluding": "6.4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.3.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential oops in cifs_oplock_break\n\nWith deferred close we can have closes that race with lease breaks,\nand so with the current checks for whether to send the lease response,\noplock_response(), this can mean that an unmount (kill_sb) can occur\njust before we were checking if the tcon-\u003eses is valid.  See below:\n\n[Fri Aug  4 04:12:50 2023] RIP: 0010:cifs_oplock_break+0x1f7/0x5b0 [cifs]\n[Fri Aug  4 04:12:50 2023] Code: 7d a8 48 8b 7d c0 c0 e9 02 48 89 45 b8 41 89 cf e8 3e f5 ff ff 4c 89 f7 41 83 e7 01 e8 82 b3 03 f2 49 8b 45 50 48 85 c0 74 5e \u003c48\u003e 83 78 60 00 74 57 45 84 ff 75 52 48 8b 43 98 48 83 eb 68 48 39\n[Fri Aug  4 04:12:50 2023] RSP: 0018:ffffb30607ddbdf8 EFLAGS: 00010206\n[Fri Aug  4 04:12:50 2023] RAX: 632d223d32612022 RBX: ffff97136944b1e0 RCX: 0000000080100009\n[Fri Aug  4 04:12:50 2023] RDX: 0000000000000001 RSI: 0000000080100009 RDI: ffff97136944b188\n[Fri Aug  4 04:12:50 2023] RBP: ffffb30607ddbe58 R08: 0000000000000001 R09: ffffffffc08e0900\n[Fri Aug  4 04:12:50 2023] R10: 0000000000000001 R11: 000000000000000f R12: ffff97136944b138\n[Fri Aug  4 04:12:50 2023] R13: ffff97149147c000 R14: ffff97136944b188 R15: 0000000000000000\n[Fri Aug  4 04:12:50 2023] FS:  0000000000000000(0000) GS:ffff9714f7c00000(0000) knlGS:0000000000000000\n[Fri Aug  4 04:12:50 2023] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[Fri Aug  4 04:12:50 2023] CR2: 00007fd8de9c7590 CR3: 000000011228e000 CR4: 0000000000350ef0\n[Fri Aug  4 04:12:50 2023] Call Trace:\n[Fri Aug  4 04:12:50 2023]  \u003cTASK\u003e\n[Fri Aug  4 04:12:50 2023]  process_one_work+0x225/0x3d0\n[Fri Aug  4 04:12:50 2023]  worker_thread+0x4d/0x3e0\n[Fri Aug  4 04:12:50 2023]  ? process_one_work+0x3d0/0x3d0\n[Fri Aug  4 04:12:50 2023]  kthread+0x12a/0x150\n[Fri Aug  4 04:12:50 2023]  ? set_kthread_struct+0x50/0x50\n[Fri Aug  4 04:12:50 2023]  ret_from_fork+0x22/0x30\n[Fri Aug  4 04:12:50 2023]  \u003c/TASK\u003e\n\nTo fix this change the ordering of the checks before sending the oplock_response\nto first check if the openFileList is empty."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:52.855Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b99f490ea87ebcca3a429fd8837067feb56a4c7c"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ee28bcfbaacf289eb25c662a2862542ea6ce6a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b67a6d2e50634fe127e656147c81915955e9f5e"
        },
        {
          "url": "https://git.kernel.org/stable/c/e8f5f849ffce24490eb9449e98312b66c0dba76f"
        }
      ],
      "title": "cifs: fix potential oops in cifs_oplock_break",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54258",
    "datePublished": "2025-12-30T12:15:52.855Z",
    "dateReserved": "2025-12-30T12:06:44.516Z",
    "dateUpdated": "2025-12-30T12:15:52.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/mips/include/asm/kvm_host.h",
            "arch/mips/kvm/emulate.c",
            "arch/mips/kvm/mips.c",
            "arch/mips/kvm/trace.h",
            "arch/mips/kvm/vz.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cd517f9a9d07d41f4f3593b1da3982261e09d162",
              "status": "affected",
              "version": "45c7e8af4a5e3f0bea4ac209eea34118dd57ac64",
              "versionType": "git"
            },
            {
              "lessThan": "bd9cf2a5f9e1b2229ad22f21de6f6ad1a9c8858e",
              "status": "affected",
              "version": "45c7e8af4a5e3f0bea4ac209eea34118dd57ac64",
              "versionType": "git"
            },
            {
              "lessThan": "6b9fb255d53759e3ea9b30067cb55091df1caf06",
              "status": "affected",
              "version": "45c7e8af4a5e3f0bea4ac209eea34118dd57ac64",
              "versionType": "git"
            },
            {
              "lessThan": "e4de2057698636c0ee709e545d19b169d2069fa3",
              "status": "affected",
              "version": "45c7e8af4a5e3f0bea4ac209eea34118dd57ac64",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/mips/include/asm/kvm_host.h",
            "arch/mips/kvm/emulate.c",
            "arch/mips/kvm/mips.c",
            "arch/mips/kvm/trace.h",
            "arch/mips/kvm/vz.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.40",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.121",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.40",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.5",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nMIPS: KVM: Fix NULL pointer dereference\n\nAfter commit 45c7e8af4a5e3f0bea4ac209 (\"MIPS: Remove KVM_TE support\") we\nget a NULL pointer dereference when creating a KVM guest:\n\n[  146.243409] Starting KVM with MIPS VZ extensions\n[  149.849151] CPU 3 Unable to handle kernel paging request at virtual address 0000000000000300, epc == ffffffffc06356ec, ra == ffffffffc063568c\n[  149.849177] Oops[#1]:\n[  149.849182] CPU: 3 PID: 2265 Comm: qemu-system-mip Not tainted 6.4.0-rc3+ #1671\n[  149.849188] Hardware name: THTF CX TL630 Series/THTF-LS3A4000-7A1000-ML4A, BIOS KL4.1F.TF.D.166.201225.R 12/25/2020\n[  149.849192] $ 0   : 0000000000000000 000000007400cce0 0000000000400004 ffffffff8119c740\n[  149.849209] $ 4   : 000000007400cce1 000000007400cce1 0000000000000000 0000000000000000\n[  149.849221] $ 8   : 000000240058bb36 ffffffff81421ac0 0000000000000000 0000000000400dc0\n[  149.849233] $12   : 9800000102a07cc8 ffffffff80e40e38 0000000000000001 0000000000400dc0\n[  149.849245] $16   : 0000000000000000 9800000106cd0000 9800000106cd0000 9800000100cce000\n[  149.849257] $20   : ffffffffc0632b28 ffffffffc05b31b0 9800000100ccca00 0000000000400000\n[  149.849269] $24   : 9800000106cd09ce ffffffff802f69d0\n[  149.849281] $28   : 9800000102a04000 9800000102a07cd0 98000001106a8000 ffffffffc063568c\n[  149.849293] Hi    : 00000335b2111e66\n[  149.849295] Lo    : 6668d90061ae0ae9\n[  149.849298] epc   : ffffffffc06356ec kvm_vz_vcpu_setup+0xc4/0x328 [kvm]\n[  149.849324] ra    : ffffffffc063568c kvm_vz_vcpu_setup+0x64/0x328 [kvm]\n[  149.849336] Status: 7400cce3 KX SX UX KERNEL EXL IE\n[  149.849351] Cause : 1000000c (ExcCode 03)\n[  149.849354] BadVA : 0000000000000300\n[  149.849357] PrId  : 0014c004 (ICT Loongson-3)\n[  149.849360] Modules linked in: kvm nfnetlink_queue nfnetlink_log nfnetlink fuse sha256_generic libsha256 cfg80211 rfkill binfmt_misc vfat fat snd_hda_codec_hdmi input_leds led_class snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_pcm snd_timer snd serio_raw xhci_pci radeon drm_suballoc_helper drm_display_helper xhci_hcd ip_tables x_tables\n[  149.849432] Process qemu-system-mip (pid: 2265, threadinfo=00000000ae2982d2, task=0000000038e09ad4, tls=000000ffeba16030)\n[  149.849439] Stack : 9800000000000003 9800000100ccca00 9800000100ccc000 ffffffffc062cef4\n[  149.849453]         9800000102a07d18 c89b63a7ab338e00 0000000000000000 ffffffff811a0000\n[  149.849465]         0000000000000000 9800000106cd0000 ffffffff80e59938 98000001106a8920\n[  149.849476]         ffffffff80e57f30 ffffffffc062854c ffffffff811a0000 9800000102bf4240\n[  149.849488]         ffffffffc05b0000 ffffffff80e3a798 000000ff78000000 000000ff78000010\n[  149.849500]         0000000000000255 98000001021f7de0 98000001023f0078 ffffffff81434000\n[  149.849511]         0000000000000000 0000000000000000 9800000102ae0000 980000025e92ae28\n[  149.849523]         0000000000000000 c89b63a7ab338e00 0000000000000001 ffffffff8119dce0\n[  149.849535]         000000ff78000010 ffffffff804f3d3c 9800000102a07eb0 0000000000000255\n[  149.849546]         0000000000000000 ffffffff8049460c 000000ff78000010 0000000000000255\n[  149.849558]         ...\n[  149.849565] Call Trace:\n[  149.849567] [\u003cffffffffc06356ec\u003e] kvm_vz_vcpu_setup+0xc4/0x328 [kvm]\n[  149.849586] [\u003cffffffffc062cef4\u003e] kvm_arch_vcpu_create+0x184/0x228 [kvm]\n[  149.849605] [\u003cffffffffc062854c\u003e] kvm_vm_ioctl+0x64c/0xf28 [kvm]\n[  149.849623] [\u003cffffffff805209c0\u003e] sys_ioctl+0xc8/0x118\n[  149.849631] [\u003cffffffff80219eb0\u003e] syscall_common+0x34/0x58\n\nThe root cause is the deletion of kvm_mips_commpage_init() leaves vcpu\n-\u003earch.cop0 NULL. So fix it by making cop0 from a pointer to an embedded\nobject."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:29.726Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cd517f9a9d07d41f4f3593b1da3982261e09d162"
        },
        {
          "url": "https://git.kernel.org/stable/c/bd9cf2a5f9e1b2229ad22f21de6f6ad1a9c8858e"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b9fb255d53759e3ea9b30067cb55091df1caf06"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4de2057698636c0ee709e545d19b169d2069fa3"
        }
      ],
      "title": "MIPS: KVM: Fix NULL pointer dereference",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54241",
    "datePublished": "2025-12-30T12:11:29.726Z",
    "dateReserved": "2025-12-30T12:06:44.509Z",
    "dateUpdated": "2025-12-30T12:11:29.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/doe.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d96799ee3b78962c80e4b6653734f488f999ca09",
              "status": "affected",
              "version": "2a0e0f4773fe8032fb17e56f897bee32ce3cdc2b",
              "versionType": "git"
            },
            {
              "lessThan": "c4f9c0a3a6df143f2e1092823b7fa9e07d6ab57f",
              "status": "affected",
              "version": "abf04be0e7071f2bcd39bf97ba407e7d4439785e",
              "versionType": "git"
            },
            {
              "lessThan": "19cf3ba16dcc2ef059dcf010072d4f96d76486e0",
              "status": "affected",
              "version": "abf04be0e7071f2bcd39bf97ba407e7d4439785e",
              "versionType": "git"
            },
            {
              "lessThan": "e3a3a097eaebaf234a482b4d2f9f18fe989208c1",
              "status": "affected",
              "version": "abf04be0e7071f2bcd39bf97ba407e7d4439785e",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "95628b830952943631d3d74f73f431f501c5d6f5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/doe.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "6.1.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.2.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/DOE: Fix destroy_work_on_stack() race\n\nThe following debug object splat was observed in testing:\n\n  ODEBUG: free active (active state 0) object: 0000000097d23782 object type: work_struct hint: doe_statemachine_work+0x0/0x510\n  WARNING: CPU: 1 PID: 71 at lib/debugobjects.c:514 debug_print_object+0x7d/0xb0\n  ...\n  Workqueue: pci 0000:36:00.0 DOE [1 doe_statemachine_work\n  RIP: 0010:debug_print_object+0x7d/0xb0\n  ...\n  Call Trace:\n   ? debug_print_object+0x7d/0xb0\n   ? __pfx_doe_statemachine_work+0x10/0x10\n   debug_object_free.part.0+0x11b/0x150\n   doe_statemachine_work+0x45e/0x510\n   process_one_work+0x1d4/0x3c0\n\nThis occurs because destroy_work_on_stack() was called after signaling\nthe completion in the calling thread.  This creates a race between\ndestroy_work_on_stack() and the task-\u003ework struct going out of scope in\npci_doe().\n\nSignal the work complete after destroying the work struct.  This is safe\nbecause signal_task_complete() is the final thing the work item does and\nthe workqueue code is careful not to access the work struct after."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:25.688Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d96799ee3b78962c80e4b6653734f488f999ca09"
        },
        {
          "url": "https://git.kernel.org/stable/c/c4f9c0a3a6df143f2e1092823b7fa9e07d6ab57f"
        },
        {
          "url": "https://git.kernel.org/stable/c/19cf3ba16dcc2ef059dcf010072d4f96d76486e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/e3a3a097eaebaf234a482b4d2f9f18fe989208c1"
        }
      ],
      "title": "PCI/DOE: Fix destroy_work_on_stack() race",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54235",
    "datePublished": "2025-12-30T12:11:25.688Z",
    "dateReserved": "2025-12-30T12:06:44.508Z",
    "dateUpdated": "2025-12-30T12:11:25.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/realtek/rtw89/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d4b4f6ff8ff1b87d25977423cf38fb61744d0023",
              "status": "affected",
              "version": "fc5f311fce742d906294360e378c1df631d2d692",
              "versionType": "git"
            },
            {
              "lessThan": "216c59b66f2d0c428a4fdaa24dc28cd6be4a2bf6",
              "status": "affected",
              "version": "fc5f311fce742d906294360e378c1df631d2d692",
              "versionType": "git"
            },
            {
              "lessThan": "eae672f386049146058b9e5d3d33e9e4af9dca1d",
              "status": "affected",
              "version": "fc5f311fce742d906294360e378c1df631d2d692",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/realtek/rtw89/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.19.*",
              "status": "unaffected",
              "version": "5.19.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19.17",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.3",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: free unused skb to prevent memory leak\n\nThis avoid potential memory leak under power saving mode."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-02T15:05:02.337Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d4b4f6ff8ff1b87d25977423cf38fb61744d0023"
        },
        {
          "url": "https://git.kernel.org/stable/c/216c59b66f2d0c428a4fdaa24dc28cd6be4a2bf6"
        },
        {
          "url": "https://git.kernel.org/stable/c/eae672f386049146058b9e5d3d33e9e4af9dca1d"
        }
      ],
      "title": "wifi: rtw89: free unused skb to prevent memory leak",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50863",
    "datePublished": "2025-12-30T12:15:35.834Z",
    "dateReserved": "2025-12-30T12:06:07.135Z",
    "dateUpdated": "2026-01-02T15:05:02.337Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/erdma/erdma_verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8372207b009d6abdd60bb05624640bd86386599f",
              "status": "affected",
              "version": "155055771704f8cbb5c176a4309b7dc30a50450c",
              "versionType": "git"
            },
            {
              "lessThan": "410f0f46ffca4d0102470c1e0c747ecfece4204c",
              "status": "affected",
              "version": "155055771704f8cbb5c176a4309b7dc30a50450c",
              "versionType": "git"
            },
            {
              "lessThan": "ee84146c05ad2316b9a7222d0ec4413e0bf30eeb",
              "status": "affected",
              "version": "155055771704f8cbb5c176a4309b7dc30a50450c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/erdma/erdma_verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.16",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.3",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/erdma: Fix refcount leak in erdma_mmap\n\nrdma_user_mmap_entry_get() take reference, we should release it when not\nneed anymore, add the missing rdma_user_mmap_entry_put() in the error\npath to fix it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:15.388Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8372207b009d6abdd60bb05624640bd86386599f"
        },
        {
          "url": "https://git.kernel.org/stable/c/410f0f46ffca4d0102470c1e0c747ecfece4204c"
        },
        {
          "url": "https://git.kernel.org/stable/c/ee84146c05ad2316b9a7222d0ec4413e0bf30eeb"
        }
      ],
      "title": "RDMA/erdma: Fix refcount leak in erdma_mmap",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50874",
    "datePublished": "2025-12-30T12:23:15.388Z",
    "dateReserved": "2025-12-30T12:06:07.137Z",
    "dateUpdated": "2025-12-30T12:23:15.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/uvc/uvc_driver.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6c5da92103bddd1f0c36cb69446ff7cae3043986",
              "status": "affected",
              "version": "2886477ff98740cc3333cf785e4de0b1ff3d7a28",
              "versionType": "git"
            },
            {
              "lessThan": "deb8f32ae4b10a48c433f2da1b1159521ac24674",
              "status": "affected",
              "version": "2886477ff98740cc3333cf785e4de0b1ff3d7a28",
              "versionType": "git"
            },
            {
              "lessThan": "4a7ae8d982a89b3b43b36ec7d62a2e3d06ffa16e",
              "status": "affected",
              "version": "2886477ff98740cc3333cf785e4de0b1ff3d7a28",
              "versionType": "git"
            },
            {
              "lessThan": "f0f078457f18f10696888f8d0e6aba9deb9cde92",
              "status": "affected",
              "version": "2886477ff98740cc3333cf785e4de0b1ff3d7a28",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/uvc/uvc_driver.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.19.*",
              "status": "unaffected",
              "version": "5.19.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.75",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19.17",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.3",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix memory leak in uvc_gpio_parse\n\nPreviously the unit buffer was allocated before checking the IRQ for\nprivacy GPIO. In case of error, the unit buffer was leaked.\n\nAllocate the unit buffer after the IRQ to avoid it.\n\nAddresses-Coverity-ID: 1474639 (\"Resource leak\")"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:21.019Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6c5da92103bddd1f0c36cb69446ff7cae3043986"
        },
        {
          "url": "https://git.kernel.org/stable/c/deb8f32ae4b10a48c433f2da1b1159521ac24674"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a7ae8d982a89b3b43b36ec7d62a2e3d06ffa16e"
        },
        {
          "url": "https://git.kernel.org/stable/c/f0f078457f18f10696888f8d0e6aba9deb9cde92"
        }
      ],
      "title": "media: uvcvideo: Fix memory leak in uvc_gpio_parse",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50882",
    "datePublished": "2025-12-30T12:23:21.019Z",
    "dateReserved": "2025-12-30T12:06:07.137Z",
    "dateUpdated": "2025-12-30T12:23:21.019Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/bfq-iosched.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1655cfc85250a224b0d9486c8136baeea33b9b5c",
              "status": "affected",
              "version": "76f1df88bbc2f984eb0418cc90de0a8384e63604",
              "versionType": "git"
            },
            {
              "lessThan": "c0346a59d719461248c6dc6f21c9e55ef836b66f",
              "status": "affected",
              "version": "76f1df88bbc2f984eb0418cc90de0a8384e63604",
              "versionType": "git"
            },
            {
              "lessThan": "e53413f8deedf738a6782cc14cc00bd5852ccf18",
              "status": "affected",
              "version": "76f1df88bbc2f984eb0418cc90de0a8384e63604",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/bfq-iosched.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.17"
            },
            {
              "lessThan": "5.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.30",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.30",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.4",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: Fix division by zero error on zero wsum\n\nWhen the weighted sum is zero the calculation of limit causes\na division by zero error. Fix this by continuing to the next level.\n\nThis was discovered by running as root:\n\nstress-ng --ioprio 0\n\nFixes divison by error oops:\n\n[  521.450556] divide error: 0000 [#1] SMP NOPTI\n[  521.450766] CPU: 2 PID: 2684464 Comm: stress-ng-iopri Not tainted 6.2.1-1280.native #1\n[  521.451117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014\n[  521.451627] RIP: 0010:bfqq_request_over_limit+0x207/0x400\n[  521.451875] Code: 01 48 8d 0c c8 74 0b 48 8b 82 98 00 00 00 48 8d 0c c8 8b 85 34 ff ff ff 48 89 ca 41 0f af 41 50 48 d1 ea 48 98 48 01 d0 31 d2 \u003c48\u003e f7 f1 41 39 41 48 89 85 34 ff ff ff 0f 8c 7b 01 00 00 49 8b 44\n[  521.452699] RSP: 0018:ffffb1af84eb3948 EFLAGS: 00010046\n[  521.452938] RAX: 000000000000003c RBX: 0000000000000000 RCX: 0000000000000000\n[  521.453262] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffb1af84eb3978\n[  521.453584] RBP: ffffb1af84eb3a30 R08: 0000000000000001 R09: ffff8f88ab8a4ba0\n[  521.453905] R10: 0000000000000000 R11: 0000000000000001 R12: ffff8f88ab8a4b18\n[  521.454224] R13: ffff8f8699093000 R14: 0000000000000001 R15: ffffb1af84eb3970\n[  521.454549] FS:  00005640b6b0b580(0000) GS:ffff8f88b3880000(0000) knlGS:0000000000000000\n[  521.454912] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  521.455170] CR2: 00007ffcbcae4e38 CR3: 00000002e46de001 CR4: 0000000000770ee0\n[  521.455491] PKRU: 55555554\n[  521.455619] Call Trace:\n[  521.455736]  \u003cTASK\u003e\n[  521.455837]  ? bfq_request_merge+0x3a/0xc0\n[  521.456027]  ? elv_merge+0x115/0x140\n[  521.456191]  bfq_limit_depth+0xc8/0x240\n[  521.456366]  __blk_mq_alloc_requests+0x21a/0x2c0\n[  521.456577]  blk_mq_submit_bio+0x23c/0x6c0\n[  521.456766]  __submit_bio+0xb8/0x140\n[  521.457236]  submit_bio_noacct_nocheck+0x212/0x300\n[  521.457748]  submit_bio_noacct+0x1a6/0x580\n[  521.458220]  submit_bio+0x43/0x80\n[  521.458660]  ext4_io_submit+0x23/0x80\n[  521.459116]  ext4_do_writepages+0x40a/0xd00\n[  521.459596]  ext4_writepages+0x65/0x100\n[  521.460050]  do_writepages+0xb7/0x1c0\n[  521.460492]  __filemap_fdatawrite_range+0xa6/0x100\n[  521.460979]  file_write_and_wait_range+0xbf/0x140\n[  521.461452]  ext4_sync_file+0x105/0x340\n[  521.461882]  __x64_sys_fsync+0x67/0x100\n[  521.462305]  ? syscall_exit_to_user_mode+0x2c/0x1c0\n[  521.462768]  do_syscall_64+0x3b/0xc0\n[  521.463165]  entry_SYSCALL_64_after_hwframe+0x5a/0xc4\n[  521.463621] RIP: 0033:0x5640b6c56590\n[  521.464006] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 80 3d 71 70 0e 00 00 74 17 b8 4a 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:36:58.701Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1655cfc85250a224b0d9486c8136baeea33b9b5c"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0346a59d719461248c6dc6f21c9e55ef836b66f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e53413f8deedf738a6782cc14cc00bd5852ccf18"
        }
      ],
      "title": "block, bfq: Fix division by zero error on zero wsum",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54242",
    "datePublished": "2025-12-30T12:11:30.503Z",
    "dateReserved": "2025-12-30T12:06:44.510Z",
    "dateUpdated": "2026-01-05T11:36:58.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/typec/bus.c",
            "drivers/usb/typec/tcpm/tcpm.c",
            "include/linux/usb/typec_altmode.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5f71716772b88cbe0e1788f6a38d7871aff2120b",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            },
            {
              "lessThan": "38e1f2ee82bacbbfded8f1c06794a443d038d054",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            },
            {
              "lessThan": "0ad6bad31da692f8d7acacab07eabe7586239ae0",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            },
            {
              "lessThan": "0d3b5fe47938e9c451466845304a2bd74e967a80",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            },
            {
              "lessThan": "d49547950bf7f3480d6ca05fe055978e5f0d9e5b",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            },
            {
              "lessThan": "1101867a1711c27d8bbe0e83136bec47f8c1ca2a",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            },
            {
              "lessThan": "f23643306430f86e2f413ee2b986e0773e79da31",
              "status": "affected",
              "version": "8a37d87d72f0c69f837229c04d2fcd7117ea57e7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/typec/bus.c",
            "drivers/usb/typec/tcpm/tcpm.c",
            "include/linux/usb/typec_altmode.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.132",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.195",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.132",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: bus: verify partner exists in typec_altmode_attention\n\nSome usb hubs will negotiate DisplayPort Alt mode with the device\nbut will then negotiate a data role swap after entering the alt\nmode. The data role swap causes the device to unregister all alt\nmodes, however the usb hub will still send Attention messages\neven after failing to reregister the Alt Mode. type_altmode_attention\ncurrently does not verify whether or not a device\u0027s altmode partner\nexists, which results in a NULL pointer error when dereferencing\nthe typec_altmode and typec_altmode_ops belonging to the altmode\npartner.\n\nVerify the presence of a device\u0027s altmode partner before sending\nthe Attention message to the Alt Mode driver."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:35.146Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5f71716772b88cbe0e1788f6a38d7871aff2120b"
        },
        {
          "url": "https://git.kernel.org/stable/c/38e1f2ee82bacbbfded8f1c06794a443d038d054"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ad6bad31da692f8d7acacab07eabe7586239ae0"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d3b5fe47938e9c451466845304a2bd74e967a80"
        },
        {
          "url": "https://git.kernel.org/stable/c/d49547950bf7f3480d6ca05fe055978e5f0d9e5b"
        },
        {
          "url": "https://git.kernel.org/stable/c/1101867a1711c27d8bbe0e83136bec47f8c1ca2a"
        },
        {
          "url": "https://git.kernel.org/stable/c/f23643306430f86e2f413ee2b986e0773e79da31"
        }
      ],
      "title": "usb: typec: bus: verify partner exists in typec_altmode_attention",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54299",
    "datePublished": "2025-12-30T12:23:35.146Z",
    "dateReserved": "2025-12-30T12:06:44.528Z",
    "dateUpdated": "2025-12-30T12:23:35.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/bpf_trace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3654ed5daf492463c3faa434c7000d45c2da2ace",
              "status": "affected",
              "version": "8c7dcb84e3b744b2b70baa7a44a9b1881c33a9c9",
              "versionType": "git"
            },
            {
              "lessThan": "a0ac32cf61e5a76e2429e486925a52ee41dd75e3",
              "status": "affected",
              "version": "8c7dcb84e3b744b2b70baa7a44a9b1881c33a9c9",
              "versionType": "git"
            },
            {
              "lessThan": "f2c67a3e60d1071b65848efaa8c3b66c363dd025",
              "status": "affected",
              "version": "8c7dcb84e3b744b2b70baa7a44a9b1881c33a9c9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/bpf_trace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.45",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.45",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.10",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Disable preemption in bpf_perf_event_output\n\nThe nesting protection in bpf_perf_event_output relies on disabled\npreemption, which is guaranteed for kprobes and tracepoints.\n\nHowever bpf_perf_event_output can be also called from uprobes context\nthrough bpf_prog_run_array_sleepable function which disables migration,\nbut keeps preemption enabled.\n\nThis can cause task to be preempted by another one inside the nesting\nprotection and lead eventually to two tasks using same perf_sample_data\nbuffer and cause crashes like:\n\n  kernel tried to execute NX-protected page - exploit attempt? (uid: 0)\n  BUG: unable to handle page fault for address: ffffffff82be3eea\n  ...\n  Call Trace:\n   ? __die+0x1f/0x70\n   ? page_fault_oops+0x176/0x4d0\n   ? exc_page_fault+0x132/0x230\n   ? asm_exc_page_fault+0x22/0x30\n   ? perf_output_sample+0x12b/0x910\n   ? perf_event_output+0xd0/0x1d0\n   ? bpf_perf_event_output+0x162/0x1d0\n   ? bpf_prog_c6271286d9a4c938_krava1+0x76/0x87\n   ? __uprobe_perf_func+0x12b/0x540\n   ? uprobe_dispatcher+0x2c4/0x430\n   ? uprobe_notify_resume+0x2da/0xce0\n   ? atomic_notifier_call_chain+0x7b/0x110\n   ? exit_to_user_mode_prepare+0x13e/0x290\n   ? irqentry_exit_to_user_mode+0x5/0x30\n   ? asm_exc_int3+0x35/0x40\n\nFixing this by disabling preemption in bpf_perf_event_output."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:37.827Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3654ed5daf492463c3faa434c7000d45c2da2ace"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0ac32cf61e5a76e2429e486925a52ee41dd75e3"
        },
        {
          "url": "https://git.kernel.org/stable/c/f2c67a3e60d1071b65848efaa8c3b66c363dd025"
        }
      ],
      "title": "bpf: Disable preemption in bpf_perf_event_output",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54303",
    "datePublished": "2025-12-30T12:23:37.827Z",
    "dateReserved": "2025-12-30T12:06:44.529Z",
    "dateUpdated": "2025-12-30T12:23:37.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/xfrm/xfrm_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7d16c515059b3746f2d6a24a74c3ba786a68c2a1",
              "status": "affected",
              "version": "919e43fad5163a8ceb39826ecdee897a9f799351",
              "versionType": "git"
            },
            {
              "lessThan": "ec8f32ad9a65a8cbb465b69e154aaec9d2fe45c4",
              "status": "affected",
              "version": "919e43fad5163a8ceb39826ecdee897a9f799351",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/xfrm/xfrm_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.4",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Fix leak of dev tracker\n\nAt the stage of direction checks, the netdev reference tracker is\nalready initialized, but released with wrong *_put() call."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:16:02.992Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7d16c515059b3746f2d6a24a74c3ba786a68c2a1"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec8f32ad9a65a8cbb465b69e154aaec9d2fe45c4"
        }
      ],
      "title": "xfrm: Fix leak of dev tracker",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54273",
    "datePublished": "2025-12-30T12:16:02.992Z",
    "dateReserved": "2025-12-30T12:06:44.522Z",
    "dateUpdated": "2025-12-30T12:16:02.992Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en_tc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4150441c010dec36abc389828e2e4758bd8ad4b3",
              "status": "affected",
              "version": "6702782845a5bf381a19b204c369e63420041665",
              "versionType": "git"
            },
            {
              "lessThan": "dfa1e46d6093831b9d49f0f350227a1d13644a2f",
              "status": "affected",
              "version": "6702782845a5bf381a19b204c369e63420041665",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en_tc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.6",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "6.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: TC, Fix using eswitch mapping in nic mode\n\nCited patch is using the eswitch object mapping pool while\nin nic mode where it isn\u0027t initialized. This results in the\ntrace below [0].\n\nFix that by using either nic or eswitch object mapping pool\ndepending if eswitch is enabled or not.\n\n[0]:\n[  826.446057] ==================================================================\n[  826.446729] BUG: KASAN: slab-use-after-free in mlx5_add_flow_rules+0x30/0x490 [mlx5_core]\n[  826.447515] Read of size 8 at addr ffff888194485830 by task tc/6233\n\n[  826.448243] CPU: 16 PID: 6233 Comm: tc Tainted: G        W          6.3.0-rc6+ #1\n[  826.448890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[  826.449785] Call Trace:\n[  826.450052]  \u003cTASK\u003e\n[  826.450302]  dump_stack_lvl+0x33/0x50\n[  826.450650]  print_report+0xc2/0x610\n[  826.450998]  ? __virt_addr_valid+0xb1/0x130\n[  826.451385]  ? mlx5_add_flow_rules+0x30/0x490 [mlx5_core]\n[  826.451935]  kasan_report+0xae/0xe0\n[  826.452276]  ? mlx5_add_flow_rules+0x30/0x490 [mlx5_core]\n[  826.452829]  mlx5_add_flow_rules+0x30/0x490 [mlx5_core]\n[  826.453368]  ? __kmalloc_node+0x5a/0x120\n[  826.453733]  esw_add_restore_rule+0x20f/0x270 [mlx5_core]\n[  826.454288]  ? mlx5_eswitch_add_send_to_vport_meta_rule+0x260/0x260 [mlx5_core]\n[  826.455011]  ? mutex_unlock+0x80/0xd0\n[  826.455361]  ? __mutex_unlock_slowpath.constprop.0+0x210/0x210\n[  826.455862]  ? mapping_add+0x2cb/0x440 [mlx5_core]\n[  826.456425]  mlx5e_tc_action_miss_mapping_get+0x139/0x180 [mlx5_core]\n[  826.457058]  ? mlx5e_tc_update_skb_nic+0xb0/0xb0 [mlx5_core]\n[  826.457636]  ? __kasan_kmalloc+0x77/0x90\n[  826.458000]  ? __kmalloc+0x57/0x120\n[  826.458336]  mlx5_tc_ct_flow_offload+0x325/0xe40 [mlx5_core]\n[  826.458916]  ? ct_kernel_enter.constprop.0+0x48/0xa0\n[  826.459360]  ? mlx5_tc_ct_parse_action+0xf0/0xf0 [mlx5_core]\n[  826.459933]  ? mlx5e_mod_hdr_attach+0x491/0x520 [mlx5_core]\n[  826.460507]  ? mlx5e_mod_hdr_get+0x12/0x20 [mlx5_core]\n[  826.461046]  ? mlx5e_tc_attach_mod_hdr+0x154/0x170 [mlx5_core]\n[  826.461635]  mlx5e_configure_flower+0x969/0x2110 [mlx5_core]\n[  826.462217]  ? _raw_spin_lock_bh+0x85/0xe0\n[  826.462597]  ? __mlx5e_add_fdb_flow+0x750/0x750 [mlx5_core]\n[  826.463163]  ? kasan_save_stack+0x2e/0x40\n[  826.463534]  ? down_read+0x115/0x1b0\n[  826.463878]  ? down_write_killable+0x110/0x110\n[  826.464288]  ? tc_setup_action.part.0+0x9f/0x3b0\n[  826.464701]  ? mlx5e_is_uplink_rep+0x4c/0x90 [mlx5_core]\n[  826.465253]  ? mlx5e_tc_reoffload_flows_work+0x130/0x130 [mlx5_core]\n[  826.465878]  tc_setup_cb_add+0x112/0x250\n[  826.466247]  fl_hw_replace_filter+0x230/0x310 [cls_flower]\n[  826.466724]  ? fl_hw_destroy_filter+0x1a0/0x1a0 [cls_flower]\n[  826.467212]  fl_change+0x14e1/0x2030 [cls_flower]\n[  826.467636]  ? sock_def_readable+0x89/0x120\n[  826.468019]  ? fl_tmplt_create+0x2d0/0x2d0 [cls_flower]\n[  826.468509]  ? kasan_unpoison+0x23/0x50\n[  826.468873]  ? get_random_u16+0x180/0x180\n[  826.469244]  ? __radix_tree_lookup+0x2b/0x130\n[  826.469640]  ? fl_get+0x7b/0x140 [cls_flower]\n[  826.470042]  ? fl_mask_put+0x200/0x200 [cls_flower]\n[  826.470478]  ? __mutex_unlock_slowpath.constprop.0+0x210/0x210\n[  826.470973]  ? fl_tmplt_create+0x2d0/0x2d0 [cls_flower]\n[  826.471427]  tc_new_tfilter+0x644/0x1050\n[  826.471795]  ? tc_get_tfilter+0x860/0x860\n[  826.472170]  ? __thaw_task+0x130/0x130\n[  826.472525]  ? arch_stack_walk+0x98/0xf0\n[  826.472892]  ? cap_capable+0x9f/0xd0\n[  826.473235]  ? security_capable+0x47/0x60\n[  826.473608]  rtnetlink_rcv_msg+0x1d5/0x550\n[  826.473985]  ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[  826.474383]  ? __stack_depot_save+0x35/0x4c0\n[  826.474779]  ? kasan_save_stack+0x2e/0x40\n[  826.475149]  ? kasan_save_stack+0x1e/0x40\n[  826.475518]  ? __kasan_record_aux_stack+0x9f/0xb0\n[  826.475939]  ? task_work_add+0x77/0x1c0\n[  826.476305]  netlink_rcv_skb+0xe0/0x210\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:11:12.730Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4150441c010dec36abc389828e2e4758bd8ad4b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/dfa1e46d6093831b9d49f0f350227a1d13644a2f"
        }
      ],
      "title": "net/mlx5e: TC, Fix using eswitch mapping in nic mode",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54216",
    "datePublished": "2025-12-30T12:11:12.730Z",
    "dateReserved": "2025-12-30T12:06:44.500Z",
    "dateUpdated": "2025-12-30T12:11:12.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/m68k/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1a6059f5ed57f48edfe7159404ff7d538d9d405b",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "f55cb52ec98b22125f5bda36391edb8894f7e8cf",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "2100e374251a8fc00cce1916cfc50f3cb652cbe3",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "df1da53a7e98f0b2a0eb2241c154f148f2f2c1d8",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "8bf8d5dade4c5e1d8a2386f29253ed28b5d87735",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "54fa25ffab2b700df5abd58c136d64a912c53953",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "ec15405b80fc15ffc87a23d01378ae061c1aba07",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            },
            {
              "lessThan": "e36a82bebbf7da814530d5a179bef9df5934b717",
              "status": "affected",
              "version": "f2325ecebc5b7988fd49968bd3a660fd1594dc84",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/m68k/kernel/traps.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.18"
            },
            {
              "lessThan": "2.6.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.312",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.280",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.240",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.177",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.105",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.312",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.280",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.240",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.177",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.105",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.22",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.9",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "2.6.18",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nm68k: Only force 030 bus error if PC not in exception table\n\n__get_kernel_nofault() does copy data in supervisor mode when\nforcing a task backtrace log through /proc/sysrq_trigger.\nThis is expected cause a bus error exception on e.g. NULL\npointer dereferencing when logging a kernel task has no\nworkqueue associated. This bus error ought to be ignored.\n\nOur 030 bus error handler is ill equipped to deal with this:\n\nWhenever ssw indicates a kernel mode access on a data fault,\nwe don\u0027t even attempt to handle the fault and instead always\nsend a SEGV signal (or panic). As a result, the check\nfor exception handling at the fault PC (buried in\nsend_sig_fault() which gets called from do_page_fault()\neventually) is never used.\n\nIn contrast, both 040 and 060 access error handlers do not\ncare whether a fault happened on supervisor mode access,\nand will call do_page_fault() on those, ultimately honoring\nthe exception table.\n\nAdd a check in bus_error030 to call do_page_fault() in case\nwe do have an entry for the fault PC in our exception table.\n\nI had attempted a fix for this earlier in 2019 that did rely\non testing pagefault_disabled() (see link below) to achieve\nthe same thing, but this patch should be more generic.\n\nTested on 030 Atari Falcon."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:36:56.359Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1a6059f5ed57f48edfe7159404ff7d538d9d405b"
        },
        {
          "url": "https://git.kernel.org/stable/c/f55cb52ec98b22125f5bda36391edb8894f7e8cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/2100e374251a8fc00cce1916cfc50f3cb652cbe3"
        },
        {
          "url": "https://git.kernel.org/stable/c/df1da53a7e98f0b2a0eb2241c154f148f2f2c1d8"
        },
        {
          "url": "https://git.kernel.org/stable/c/8bf8d5dade4c5e1d8a2386f29253ed28b5d87735"
        },
        {
          "url": "https://git.kernel.org/stable/c/54fa25ffab2b700df5abd58c136d64a912c53953"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec15405b80fc15ffc87a23d01378ae061c1aba07"
        },
        {
          "url": "https://git.kernel.org/stable/c/e36a82bebbf7da814530d5a179bef9df5934b717"
        }
      ],
      "title": "m68k: Only force 030 bus error if PC not in exception table",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54232",
    "datePublished": "2025-12-30T12:11:23.565Z",
    "dateReserved": "2025-12-30T12:06:44.502Z",
    "dateUpdated": "2026-01-05T11:36:56.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2025-12-30T14:05:55.844Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54256",
    "datePublished": "2025-12-30T12:15:51.526Z",
    "dateRejected": "2025-12-30T14:05:55.844Z",
    "dateReserved": "2025-12-30T12:06:44.515Z",
    "dateUpdated": "2025-12-30T14:05:55.844Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/mac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "532f8bac60419eb28158770470b9bb655de207c8",
              "status": "affected",
              "version": "22eeadcdeab63e88983401f699f61a0121c03a0d",
              "versionType": "git"
            },
            {
              "lessThan": "f97832620d7f320bea81707f34631371e87a419b",
              "status": "affected",
              "version": "22eeadcdeab63e88983401f699f61a0121c03a0d",
              "versionType": "git"
            },
            {
              "lessThan": "8d1342108c2bf11aaaf293becfc010ecdb6170d9",
              "status": "affected",
              "version": "22eeadcdeab63e88983401f699f61a0121c03a0d",
              "versionType": "git"
            },
            {
              "lessThan": "32ca096e712a78b2f0d2e48d33dc0caaba9f9866",
              "status": "affected",
              "version": "22eeadcdeab63e88983401f699f61a0121c03a0d",
              "versionType": "git"
            },
            {
              "lessThan": "e2ceb1de2f83aafd8003f0b72dfd4b7441e97d14",
              "status": "affected",
              "version": "22eeadcdeab63e88983401f699f61a0121c03a0d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/ath/ath11k/mac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.188",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.188",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.150",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.42",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.7",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix registration of 6Ghz-only phy without the full channel range\n\nBecause of what seems to be a typo, a 6Ghz-only phy for which the BDF\ndoes not allow the 7115Mhz channel will fail to register:\n\n  WARNING: CPU: 2 PID: 106 at net/wireless/core.c:907 wiphy_register+0x914/0x954\n  Modules linked in: ath11k_pci sbsa_gwdt\n  CPU: 2 PID: 106 Comm: kworker/u8:5 Not tainted 6.3.0-rc7-next-20230418-00549-g1e096a17625a-dirty #9\n  Hardware name: Freebox V7R Board (DT)\n  Workqueue: ath11k_qmi_driver_event ath11k_qmi_driver_event_work\n  pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n  pc : wiphy_register+0x914/0x954\n  lr : ieee80211_register_hw+0x67c/0xc10\n  sp : ffffff800b123aa0\n  x29: ffffff800b123aa0 x28: 0000000000000000 x27: 0000000000000000\n  x26: 0000000000000000 x25: 0000000000000006 x24: ffffffc008d51418\n  x23: ffffffc008cb0838 x22: ffffff80176c2460 x21: 0000000000000168\n  x20: ffffff80176c0000 x19: ffffff80176c03e0 x18: 0000000000000014\n  x17: 00000000cbef338c x16: 00000000d2a26f21 x15: 00000000ad6bb85f\n  x14: 0000000000000020 x13: 0000000000000020 x12: 00000000ffffffbd\n  x11: 0000000000000208 x10: 00000000fffffdf7 x9 : ffffffc009394718\n  x8 : ffffff80176c0528 x7 : 000000007fffffff x6 : 0000000000000006\n  x5 : 0000000000000005 x4 : ffffff800b304284 x3 : ffffff800b304284\n  x2 : ffffff800b304d98 x1 : 0000000000000000 x0 : 0000000000000000\n  Call trace:\n   wiphy_register+0x914/0x954\n   ieee80211_register_hw+0x67c/0xc10\n   ath11k_mac_register+0x7c4/0xe10\n   ath11k_core_qmi_firmware_ready+0x1f4/0x570\n   ath11k_qmi_driver_event_work+0x198/0x590\n   process_one_work+0x1b8/0x328\n   worker_thread+0x6c/0x414\n   kthread+0x100/0x104\n   ret_from_fork+0x10/0x20\n  ---[ end trace 0000000000000000 ]---\n  ath11k_pci 0002:01:00.0: ieee80211 registration failed: -22\n  ath11k_pci 0002:01:00.0: failed register the radio with mac80211: -22\n  ath11k_pci 0002:01:00.0: failed to create pdev core: -22"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:36:55.183Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/532f8bac60419eb28158770470b9bb655de207c8"
        },
        {
          "url": "https://git.kernel.org/stable/c/f97832620d7f320bea81707f34631371e87a419b"
        },
        {
          "url": "https://git.kernel.org/stable/c/8d1342108c2bf11aaaf293becfc010ecdb6170d9"
        },
        {
          "url": "https://git.kernel.org/stable/c/32ca096e712a78b2f0d2e48d33dc0caaba9f9866"
        },
        {
          "url": "https://git.kernel.org/stable/c/e2ceb1de2f83aafd8003f0b72dfd4b7441e97d14"
        }
      ],
      "title": "wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54229",
    "datePublished": "2025-12-30T12:11:21.549Z",
    "dateReserved": "2025-12-30T12:06:44.502Z",
    "dateUpdated": "2026-01-05T11:36:55.183Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/dsa/tag_8021q.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "09f30f394e832ed09859b6a80fdd20668a9104ff",
              "status": "affected",
              "version": "328621f6131f667c5c328bb72d45442fd76efb81",
              "versionType": "git"
            },
            {
              "lessThan": "39691d51af99f80efb9e365f94b8e0c791fa1a2f",
              "status": "affected",
              "version": "328621f6131f667c5c328bb72d45442fd76efb81",
              "versionType": "git"
            },
            {
              "lessThan": "14ed46a13aba42a6ddd85de6f6274090df3586a5",
              "status": "affected",
              "version": "328621f6131f667c5c328bb72d45442fd76efb81",
              "versionType": "git"
            },
            {
              "lessThan": "e095493091e850d5292ad01d8fbf5cde1d89ac53",
              "status": "affected",
              "version": "328621f6131f667c5c328bb72d45442fd76efb81",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/dsa/tag_8021q.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.86",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path\n\nIf dsa_tag_8021q_setup() fails, for example due to the inability of the\ndevice to install a VLAN, the tag_8021q context of the switch will leak.\nMake sure it is freed on the error path."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:10:57.049Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/09f30f394e832ed09859b6a80fdd20668a9104ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/39691d51af99f80efb9e365f94b8e0c791fa1a2f"
        },
        {
          "url": "https://git.kernel.org/stable/c/14ed46a13aba42a6ddd85de6f6274090df3586a5"
        },
        {
          "url": "https://git.kernel.org/stable/c/e095493091e850d5292ad01d8fbf5cde1d89ac53"
        }
      ],
      "title": "net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50837",
    "datePublished": "2025-12-30T12:10:57.049Z",
    "dateReserved": "2025-12-30T12:06:07.133Z",
    "dateUpdated": "2025-12-30T12:10:57.049Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/remoteproc/qcom_sysmon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "27441fab2651cd909d8a5440ca079bc50245f427",
              "status": "affected",
              "version": "027045a6e2b7cd81216e8a559534a30fb0782702",
              "versionType": "git"
            },
            {
              "lessThan": "e4539eb5c0c342567183fe386d0699c8dab49490",
              "status": "affected",
              "version": "027045a6e2b7cd81216e8a559534a30fb0782702",
              "versionType": "git"
            },
            {
              "lessThan": "131c0a3ead78d45f0f39ddb42cf1bd9be26239b0",
              "status": "affected",
              "version": "027045a6e2b7cd81216e8a559534a30fb0782702",
              "versionType": "git"
            },
            {
              "lessThan": "1a62bebe0705556d37cfa8409ddc759b11d404f6",
              "status": "affected",
              "version": "027045a6e2b7cd81216e8a559534a30fb0782702",
              "versionType": "git"
            },
            {
              "lessThan": "ec97e9a5c2f25d2f9f9d7005e9ac67f23cc751cd",
              "status": "affected",
              "version": "027045a6e2b7cd81216e8a559534a30fb0782702",
              "versionType": "git"
            },
            {
              "lessThan": "e01ce676aaef3b13d02343d7e70f9637d93a3367",
              "status": "affected",
              "version": "027045a6e2b7cd81216e8a559534a30fb0782702",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/remoteproc/qcom_sysmon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.1"
            },
            {
              "lessThan": "5.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.229",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.163",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.86",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()\n\nThe kfree() should be called when of_irq_get_byname() fails or\ndevm_request_threaded_irq() fails in qcom_add_sysmon_subdev(),\notherwise there will be a memory leak, so add kfree() to fix it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:10:56.394Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/27441fab2651cd909d8a5440ca079bc50245f427"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4539eb5c0c342567183fe386d0699c8dab49490"
        },
        {
          "url": "https://git.kernel.org/stable/c/131c0a3ead78d45f0f39ddb42cf1bd9be26239b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1a62bebe0705556d37cfa8409ddc759b11d404f6"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec97e9a5c2f25d2f9f9d7005e9ac67f23cc751cd"
        },
        {
          "url": "https://git.kernel.org/stable/c/e01ce676aaef3b13d02343d7e70f9637d93a3367"
        }
      ],
      "title": "remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50836",
    "datePublished": "2025-12-30T12:10:56.394Z",
    "dateReserved": "2025-12-30T12:06:07.132Z",
    "dateUpdated": "2025-12-30T12:10:56.394Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/dio/dio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "affe3cea6b3148fa66796a48640664822ceccd48",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "4b68caa95064ac464f1b261d08ac677e753d1088",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "a524e7fed696a4dfef671e0fda3511bfd2dca0cf",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "da64e01da40c6b71a54144126da53cc3b27201ac",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "fce9890e1be4c0460dad850cc8c00414a9d25f0f",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "a0ead7e8da84f4c3759417b8e928b65e0207c646",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "8e002b9fe831b27d4506df6fa60cb33ba0730ac3",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "78fddc0ff971f9874d53c854818cc4aafa144114",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            },
            {
              "lessThan": "e63e99397b2613d50a5f4f02ed07307e67a190f1",
              "status": "affected",
              "version": "2e4c77bea3d8b17d94f8ee382411f359b708560f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/dio/dio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.29"
            },
            {
              "lessThan": "2.6.29",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.337",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.303",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.270",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.337",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.303",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.270",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.229",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.163",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.86",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: dio: fix possible memory leak in dio_init()\n\nIf device_register() returns error, the \u0027dev\u0027 and name needs be\nfreed. Add a release function, and then call put_device() in the\nerror path, so the name is freed in kobject_cleanup() and to the\n\u0027dev\u0027 is freed in release function."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:25.776Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/affe3cea6b3148fa66796a48640664822ceccd48"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b68caa95064ac464f1b261d08ac677e753d1088"
        },
        {
          "url": "https://git.kernel.org/stable/c/a524e7fed696a4dfef671e0fda3511bfd2dca0cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/da64e01da40c6b71a54144126da53cc3b27201ac"
        },
        {
          "url": "https://git.kernel.org/stable/c/fce9890e1be4c0460dad850cc8c00414a9d25f0f"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0ead7e8da84f4c3759417b8e928b65e0207c646"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e002b9fe831b27d4506df6fa60cb33ba0730ac3"
        },
        {
          "url": "https://git.kernel.org/stable/c/78fddc0ff971f9874d53c854818cc4aafa144114"
        },
        {
          "url": "https://git.kernel.org/stable/c/e63e99397b2613d50a5f4f02ed07307e67a190f1"
        }
      ],
      "title": "drivers: dio: fix possible memory leak in dio_init()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50848",
    "datePublished": "2025-12-30T12:15:25.776Z",
    "dateReserved": "2025-12-30T12:06:07.134Z",
    "dateUpdated": "2025-12-30T12:15:25.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/delayed-inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "779c3cf2749c7a7bad6f839cb2954a25ba92f4d6",
              "status": "affected",
              "version": "506650dcb3a716ad98681f7091ba2f8e748c04b8",
              "versionType": "git"
            },
            {
              "lessThan": "32247b9526bfdaeef85f7339d9b4f913c7370f92",
              "status": "affected",
              "version": "506650dcb3a716ad98681f7091ba2f8e748c04b8",
              "versionType": "git"
            },
            {
              "lessThan": "36d918da3f1bf749178c7daf471a3be1730ed3ca",
              "status": "affected",
              "version": "506650dcb3a716ad98681f7091ba2f8e748c04b8",
              "versionType": "git"
            },
            {
              "lessThan": "e110f8911ddb93e6f55da14ccbbe705397b30d0b",
              "status": "affected",
              "version": "506650dcb3a716ad98681f7091ba2f8e748c04b8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/delayed-inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.55",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.133",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.55",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.5",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix lockdep splat and potential deadlock after failure running delayed items\n\nWhen running delayed items we are holding a delayed node\u0027s mutex and then\nwe will attempt to modify a subvolume btree to insert/update/delete the\ndelayed items. However if have an error during the insertions for example,\nbtrfs_insert_delayed_items() may return with a path that has locked extent\nbuffers (a leaf at the very least), and then we attempt to release the\ndelayed node at __btrfs_run_delayed_items(), which requires taking the\ndelayed node\u0027s mutex, causing an ABBA type of deadlock. This was reported\nby syzbot and the lockdep splat is the following:\n\n  WARNING: possible circular locking dependency detected\n  6.5.0-rc7-syzkaller-00024-g93f5de5f648d #0 Not tainted\n  ------------------------------------------------------\n  syz-executor.2/13257 is trying to acquire lock:\n  ffff88801835c0c0 (\u0026delayed_node-\u003emutex){+.+.}-{3:3}, at: __btrfs_release_delayed_node+0x9a/0xaa0 fs/btrfs/delayed-inode.c:256\n\n  but task is already holding lock:\n  ffff88802a5ab8e8 (btrfs-tree-00){++++}-{3:3}, at: __btrfs_tree_lock+0x3c/0x2a0 fs/btrfs/locking.c:198\n\n  which lock already depends on the new lock.\n\n  the existing dependency chain (in reverse order) is:\n\n  -\u003e #1 (btrfs-tree-00){++++}-{3:3}:\n         __lock_release kernel/locking/lockdep.c:5475 [inline]\n         lock_release+0x36f/0x9d0 kernel/locking/lockdep.c:5781\n         up_write+0x79/0x580 kernel/locking/rwsem.c:1625\n         btrfs_tree_unlock_rw fs/btrfs/locking.h:189 [inline]\n         btrfs_unlock_up_safe+0x179/0x3b0 fs/btrfs/locking.c:239\n         search_leaf fs/btrfs/ctree.c:1986 [inline]\n         btrfs_search_slot+0x2511/0x2f80 fs/btrfs/ctree.c:2230\n         btrfs_insert_empty_items+0x9c/0x180 fs/btrfs/ctree.c:4376\n         btrfs_insert_delayed_item fs/btrfs/delayed-inode.c:746 [inline]\n         btrfs_insert_delayed_items fs/btrfs/delayed-inode.c:824 [inline]\n         __btrfs_commit_inode_delayed_items+0xd24/0x2410 fs/btrfs/delayed-inode.c:1111\n         __btrfs_run_delayed_items+0x1db/0x430 fs/btrfs/delayed-inode.c:1153\n         flush_space+0x269/0xe70 fs/btrfs/space-info.c:723\n         btrfs_async_reclaim_metadata_space+0x106/0x350 fs/btrfs/space-info.c:1078\n         process_one_work+0x92c/0x12c0 kernel/workqueue.c:2600\n         worker_thread+0xa63/0x1210 kernel/workqueue.c:2751\n         kthread+0x2b8/0x350 kernel/kthread.c:389\n         ret_from_fork+0x2e/0x60 arch/x86/kernel/process.c:145\n         ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\n  -\u003e #0 (\u0026delayed_node-\u003emutex){+.+.}-{3:3}:\n         check_prev_add kernel/locking/lockdep.c:3142 [inline]\n         check_prevs_add kernel/locking/lockdep.c:3261 [inline]\n         validate_chain kernel/locking/lockdep.c:3876 [inline]\n         __lock_acquire+0x39ff/0x7f70 kernel/locking/lockdep.c:5144\n         lock_acquire+0x1e3/0x520 kernel/locking/lockdep.c:5761\n         __mutex_lock_common+0x1d8/0x2530 kernel/locking/mutex.c:603\n         __mutex_lock kernel/locking/mutex.c:747 [inline]\n         mutex_lock_nested+0x1b/0x20 kernel/locking/mutex.c:799\n         __btrfs_release_delayed_node+0x9a/0xaa0 fs/btrfs/delayed-inode.c:256\n         btrfs_release_delayed_node fs/btrfs/delayed-inode.c:281 [inline]\n         __btrfs_run_delayed_items+0x2b5/0x430 fs/btrfs/delayed-inode.c:1156\n         btrfs_commit_transaction+0x859/0x2ff0 fs/btrfs/transaction.c:2276\n         btrfs_sync_file+0xf56/0x1330 fs/btrfs/file.c:1988\n         vfs_fsync_range fs/sync.c:188 [inline]\n         vfs_fsync fs/sync.c:202 [inline]\n         do_fsync fs/sync.c:212 [inline]\n         __do_sys_fsync fs/sync.c:220 [inline]\n         __se_sys_fsync fs/sync.c:218 [inline]\n         __x64_sys_fsync+0x196/0x1e0 fs/sync.c:218\n         do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n         do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n         entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n  other info that\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:36:52.704Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/779c3cf2749c7a7bad6f839cb2954a25ba92f4d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/32247b9526bfdaeef85f7339d9b4f913c7370f92"
        },
        {
          "url": "https://git.kernel.org/stable/c/36d918da3f1bf749178c7daf471a3be1730ed3ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/e110f8911ddb93e6f55da14ccbbe705397b30d0b"
        }
      ],
      "title": "btrfs: fix lockdep splat and potential deadlock after failure running delayed items",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54224",
    "datePublished": "2025-12-30T12:11:18.076Z",
    "dateReserved": "2025-12-30T12:06:44.501Z",
    "dateUpdated": "2026-01-05T11:36:52.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/sh/drivers/dma/dma-sh.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "bca700b48c72f4ffeee977a2ed0eb4a6b4b7b8ad",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "479380acfa63247b5ac62476138f847aefc62692",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "4989627157735c1f1619f08e5bc1592418e7c878",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "d1c946552af299f4fa85bf7da15e328123771128",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "196f6c71905aa384c0177acf194a1144d480333b",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "8fb11fa4805699c6b73a9c8a9d45807f9874abe3",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "e9e33faea104381bac80ac79328f0540fc2969f2",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            },
            {
              "lessThan": "e82e47584847129a20b8c9f4a1dcde09374fb0e0",
              "status": "affected",
              "version": "7f47c7189b3e8f19a589f77a3ad169d7b691b582",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/sh/drivers/dma/dma-sh.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.5"
            },
            {
              "lessThan": "3.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.322",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.291",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.188",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.39",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.322",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.291",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.251",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.188",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.121",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.39",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.4",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "3.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsh: dma: Fix DMA channel offset calculation\n\nVarious SoCs of the SH3, SH4 and SH4A family, which use this driver,\nfeature a differing number of DMA channels, which can be distributed\nbetween up to two DMAC modules. The existing implementation fails to\ncorrectly accommodate for all those variations, resulting in wrong\nchannel offset calculations and leading to kernel panics.\n\nRewrite dma_base_addr() in order to properly calculate channel offsets\nin a DMAC module. Fix dmaor_read_reg() and dmaor_write_reg(), so that\nthe correct DMAC module base is selected for the DMAOR register."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:50.822Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/bca700b48c72f4ffeee977a2ed0eb4a6b4b7b8ad"
        },
        {
          "url": "https://git.kernel.org/stable/c/479380acfa63247b5ac62476138f847aefc62692"
        },
        {
          "url": "https://git.kernel.org/stable/c/4989627157735c1f1619f08e5bc1592418e7c878"
        },
        {
          "url": "https://git.kernel.org/stable/c/d1c946552af299f4fa85bf7da15e328123771128"
        },
        {
          "url": "https://git.kernel.org/stable/c/196f6c71905aa384c0177acf194a1144d480333b"
        },
        {
          "url": "https://git.kernel.org/stable/c/8fb11fa4805699c6b73a9c8a9d45807f9874abe3"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9e33faea104381bac80ac79328f0540fc2969f2"
        },
        {
          "url": "https://git.kernel.org/stable/c/e82e47584847129a20b8c9f4a1dcde09374fb0e0"
        }
      ],
      "title": "sh: dma: Fix DMA channel offset calculation",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54255",
    "datePublished": "2025-12-30T12:15:50.822Z",
    "dateReserved": "2025-12-30T12:06:44.515Z",
    "dateUpdated": "2025-12-30T12:15:50.822Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/crypto/qat/qat_common/qat_algs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7697139d5dfd491f4c495a914a1dd68f6e827a0f",
              "status": "affected",
              "version": "67916c9516893528ecce060ada1f58af0ce33d93",
              "versionType": "git"
            },
            {
              "lessThan": "dc3809f390357c8992f0a23083da934a20fef9af",
              "status": "affected",
              "version": "67916c9516893528ecce060ada1f58af0ce33d93",
              "versionType": "git"
            },
            {
              "lessThan": "2b1501f058245573a3aa6bf234d205dde1196184",
              "status": "affected",
              "version": "67916c9516893528ecce060ada1f58af0ce33d93",
              "versionType": "git"
            },
            {
              "lessThan": "f6044cc3030e139f60c281386f28bda6e3049d66",
              "status": "affected",
              "version": "67916c9516893528ecce060ada1f58af0ce33d93",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/crypto/qat/qat_common/qat_algs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.99",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.99",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.16",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.3",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - fix out-of-bounds read\n\nWhen preparing an AER-CTR request, the driver copies the key provided by\nthe user into a data structure that is accessible by the firmware.\nIf the target device is QAT GEN4, the key size is rounded up by 16 since\na rounded up size is expected by the device.\nIf the key size is rounded up before the copy, the size used for copying\nthe key might be bigger than the size of the region containing the key,\ncausing an out-of-bounds read.\n\nFix by doing the copy first and then update the keylen.\n\nThis is to fix the following warning reported by KASAN:\n\n\t[  138.150574] BUG: KASAN: global-out-of-bounds in qat_alg_skcipher_init_com.isra.0+0x197/0x250 [intel_qat]\n\t[  138.150641] Read of size 32 at addr ffffffff88c402c0 by task cryptomgr_test/2340\n\n\t[  138.150651] CPU: 15 PID: 2340 Comm: cryptomgr_test Not tainted 6.2.0-rc1+ #45\n\t[  138.150659] Hardware name: Intel Corporation ArcherCity/ArcherCity, BIOS EGSDCRB1.86B.0087.D13.2208261706 08/26/2022\n\t[  138.150663] Call Trace:\n\t[  138.150668]  \u003cTASK\u003e\n\t[  138.150922]  kasan_check_range+0x13a/0x1c0\n\t[  138.150931]  memcpy+0x1f/0x60\n\t[  138.150940]  qat_alg_skcipher_init_com.isra.0+0x197/0x250 [intel_qat]\n\t[  138.151006]  qat_alg_skcipher_init_sessions+0xc1/0x240 [intel_qat]\n\t[  138.151073]  crypto_skcipher_setkey+0x82/0x160\n\t[  138.151085]  ? prepare_keybuf+0xa2/0xd0\n\t[  138.151095]  test_skcipher_vec_cfg+0x2b8/0x800"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:37:09.015Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7697139d5dfd491f4c495a914a1dd68f6e827a0f"
        },
        {
          "url": "https://git.kernel.org/stable/c/dc3809f390357c8992f0a23083da934a20fef9af"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b1501f058245573a3aa6bf234d205dde1196184"
        },
        {
          "url": "https://git.kernel.org/stable/c/f6044cc3030e139f60c281386f28bda6e3049d66"
        }
      ],
      "title": "crypto: qat - fix out-of-bounds read",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54325",
    "datePublished": "2025-12-30T12:37:09.015Z",
    "dateReserved": "2025-12-30T12:35:56.209Z",
    "dateUpdated": "2025-12-30T12:37:09.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ntfs3/frecord.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6",
              "status": "affected",
              "version": "4342306f0f0d5ff4315a204d315c1b51b914fca5",
              "versionType": "git"
            },
            {
              "lessThan": "39c6312009574ca73865354133ca222e7753a71b",
              "status": "affected",
              "version": "4342306f0f0d5ff4315a204d315c1b51b914fca5",
              "versionType": "git"
            },
            {
              "lessThan": "e7675f85a92233136c630000a0b7cf97826705da",
              "status": "affected",
              "version": "4342306f0f0d5ff4315a204d315c1b51b914fca5",
              "versionType": "git"
            },
            {
              "lessThan": "ec275bf9693d19cc0fdce8436f4c425ced86f6e7",
              "status": "affected",
              "version": "4342306f0f0d5ff4315a204d315c1b51b914fca5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ntfs3/frecord.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "lessThan": "5.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.113",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.81",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.113",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.81",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.4",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "5.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix a possible null-pointer dereference in ni_clear()\n\nIn a previous commit c1006bd13146, ni-\u003emi.mrec in ni_write_inode()\ncould be NULL, and thus a NULL check is added for this variable.\n\nHowever, in the same call stack, ni-\u003emi.mrec can be also dereferenced\nin ni_clear():\n\nntfs_evict_inode(inode)\n  ni_write_inode(inode, ...)\n    ni = ntfs_i(inode);\n    is_rec_inuse(ni-\u003emi.mrec) -\u003e Add a NULL check by previous commit\n  ni_clear(ntfs_i(inode))\n    is_rec_inuse(ni-\u003emi.mrec) -\u003e No check\n\nThus, a possible null-pointer dereference may exist in ni_clear().\nTo fix it, a NULL check is added in this function."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:37:11.539Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/39c6312009574ca73865354133ca222e7753a71b"
        },
        {
          "url": "https://git.kernel.org/stable/c/e7675f85a92233136c630000a0b7cf97826705da"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec275bf9693d19cc0fdce8436f4c425ced86f6e7"
        }
      ],
      "title": "fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54272",
    "datePublished": "2025-12-30T12:16:02.335Z",
    "dateReserved": "2025-12-30T12:06:44.522Z",
    "dateUpdated": "2026-01-05T11:37:11.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/include/asm/lppaca.h",
            "arch/powerpc/platforms/pseries/lpar.c",
            "arch/powerpc/platforms/pseries/lparcfg.c",
            "arch/powerpc/platforms/pseries/setup.c",
            "drivers/cpuidle/cpuidle-pseries.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "953c54dfdc5d3eb7243ed902b50acb5ea1db4355",
              "status": "affected",
              "version": "f13c13a005127b5dc5daaca190277a062d946e63",
              "versionType": "git"
            },
            {
              "lessThan": "2935443dc9c28499223d8c881474259e4b998f2a",
              "status": "affected",
              "version": "f13c13a005127b5dc5daaca190277a062d946e63",
              "versionType": "git"
            },
            {
              "lessThan": "4c8568cf4c45b415854195c8832b557cdefba57a",
              "status": "affected",
              "version": "f13c13a005127b5dc5daaca190277a062d946e63",
              "versionType": "git"
            },
            {
              "lessThan": "3c5e8e666794d7dde6d14ea846c6c04f2bb34900",
              "status": "affected",
              "version": "f13c13a005127b5dc5daaca190277a062d946e63",
              "versionType": "git"
            },
            {
              "lessThan": "f45ee5c074013a0fbfce77a5af5efddb01f5d4f4",
              "status": "affected",
              "version": "f13c13a005127b5dc5daaca190277a062d946e63",
              "versionType": "git"
            },
            {
              "lessThan": "eac030b22ea12cdfcbb2e941c21c03964403c63f",
              "status": "affected",
              "version": "f13c13a005127b5dc5daaca190277a062d946e63",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/include/asm/lppaca.h",
            "arch/powerpc/platforms/pseries/lpar.c",
            "arch/powerpc/platforms/pseries/lparcfg.c",
            "arch/powerpc/platforms/pseries/setup.c",
            "drivers/cpuidle/cpuidle-pseries.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.12"
            },
            {
              "lessThan": "3.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.132",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.195",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.132",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "3.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT\n\nlppaca_shared_proc() takes a pointer to the lppaca which is typically\naccessed through get_lppaca().  With DEBUG_PREEMPT enabled, this leads\nto checking if preemption is enabled, for example:\n\n  BUG: using smp_processor_id() in preemptible [00000000] code: grep/10693\n  caller is lparcfg_data+0x408/0x19a0\n  CPU: 4 PID: 10693 Comm: grep Not tainted 6.5.0-rc3 #2\n  Call Trace:\n    dump_stack_lvl+0x154/0x200 (unreliable)\n    check_preemption_disabled+0x214/0x220\n    lparcfg_data+0x408/0x19a0\n    ...\n\nThis isn\u0027t actually a problem however, as it does not matter which\nlppaca is accessed, the shared proc state will be the same.\nvcpudispatch_stats_procfs_init() already works around this by disabling\npreemption, but the lparcfg code does not, erroring any time\n/proc/powerpc/lparcfg is accessed with DEBUG_PREEMPT enabled.\n\nInstead of disabling preemption on the caller side, rework\nlppaca_shared_proc() to not take a pointer and instead directly access\nthe lppaca, bypassing any potential preemption checks.\n\n[mpe: Rework to avoid needing a definition in paca.h and lppaca.h]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:58.914Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/953c54dfdc5d3eb7243ed902b50acb5ea1db4355"
        },
        {
          "url": "https://git.kernel.org/stable/c/2935443dc9c28499223d8c881474259e4b998f2a"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c8568cf4c45b415854195c8832b557cdefba57a"
        },
        {
          "url": "https://git.kernel.org/stable/c/3c5e8e666794d7dde6d14ea846c6c04f2bb34900"
        },
        {
          "url": "https://git.kernel.org/stable/c/f45ee5c074013a0fbfce77a5af5efddb01f5d4f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/eac030b22ea12cdfcbb2e941c21c03964403c63f"
        }
      ],
      "title": "powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54267",
    "datePublished": "2025-12-30T12:15:58.914Z",
    "dateReserved": "2025-12-30T12:06:44.518Z",
    "dateUpdated": "2025-12-30T12:15:58.914Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/arm64/include/asm/exception.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c71d6934c6ac40a97146a410e0320768c7b1bb3c",
              "status": "affected",
              "version": "9a5ad7d0e3e1c6c0c11df89fbc5376f8aaf7a90f",
              "versionType": "git"
            },
            {
              "lessThan": "0bd309f22663f3ee749bea0b6d70642c31a1c0a5",
              "status": "affected",
              "version": "9a5ad7d0e3e1c6c0c11df89fbc5376f8aaf7a90f",
              "versionType": "git"
            },
            {
              "lessThan": "d3b219e504fc5c5a25fa7c04c8589ff34baef9a8",
              "status": "affected",
              "version": "9a5ad7d0e3e1c6c0c11df89fbc5376f8aaf7a90f",
              "versionType": "git"
            },
            {
              "lessThan": "f6794950f0e5ba37e3bbedda4d6ab0aad7395dd3",
              "status": "affected",
              "version": "9a5ad7d0e3e1c6c0c11df89fbc5376f8aaf7a90f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/arm64/include/asm/exception.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.188",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.188",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.150",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.7",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: set __exception_irq_entry with __irq_entry as a default\n\nfilter_irq_stacks() is supposed to cut entries which are related irq entries\nfrom its call stack.\nAnd in_irqentry_text() which is called by filter_irq_stacks()\nuses __irqentry_text_start/end symbol to find irq entries in callstack.\n\nBut it doesn\u0027t work correctly as without \"CONFIG_FUNCTION_GRAPH_TRACER\",\narm64 kernel doesn\u0027t include gic_handle_irq which is entry point of arm64 irq\nbetween __irqentry_text_start and __irqentry_text_end as we discussed in below link.\nhttps://lore.kernel.org/all/CACT4Y+aReMGLYua2rCLHgFpS9io5cZC04Q8GLs-uNmrn1ezxYQ@mail.gmail.com/#t\n\nThis problem can makes unintentional deep call stack entries especially\nin KASAN enabled situation as below.\n\n[ 2479.383395]I[0:launcher-loader: 1719] Stack depot reached limit capacity\n[ 2479.383538]I[0:launcher-loader: 1719] WARNING: CPU: 0 PID: 1719 at lib/stackdepot.c:129 __stack_depot_save+0x464/0x46c\n[ 2479.385693]I[0:launcher-loader: 1719] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)\n[ 2479.385724]I[0:launcher-loader: 1719] pc : __stack_depot_save+0x464/0x46c\n[ 2479.385751]I[0:launcher-loader: 1719] lr : __stack_depot_save+0x460/0x46c\n[ 2479.385774]I[0:launcher-loader: 1719] sp : ffffffc0080073c0\n[ 2479.385793]I[0:launcher-loader: 1719] x29: ffffffc0080073e0 x28: ffffffd00b78a000 x27: 0000000000000000\n[ 2479.385839]I[0:launcher-loader: 1719] x26: 000000000004d1dd x25: ffffff891474f000 x24: 00000000ca64d1dd\n[ 2479.385882]I[0:launcher-loader: 1719] x23: 0000000000000200 x22: 0000000000000220 x21: 0000000000000040\n[ 2479.385925]I[0:launcher-loader: 1719] x20: ffffffc008007440 x19: 0000000000000000 x18: 0000000000000000\n[ 2479.385969]I[0:launcher-loader: 1719] x17: 2065726568207475 x16: 000000000000005e x15: 2d2d2d2d2d2d2d20\n[ 2479.386013]I[0:launcher-loader: 1719] x14: 5d39313731203a72 x13: 00000000002f6b30 x12: 00000000002f6af8\n[ 2479.386057]I[0:launcher-loader: 1719] x11: 00000000ffffffff x10: ffffffb90aacf000 x9 : e8a74a6c16008800\n[ 2479.386101]I[0:launcher-loader: 1719] x8 : e8a74a6c16008800 x7 : 00000000002f6b30 x6 : 00000000002f6af8\n[ 2479.386145]I[0:launcher-loader: 1719] x5 : ffffffc0080070c8 x4 : ffffffd00b192380 x3 : ffffffd0092b313c\n[ 2479.386189]I[0:launcher-loader: 1719] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000022\n[ 2479.386231]I[0:launcher-loader: 1719] Call trace:\n[ 2479.386248]I[0:launcher-loader: 1719]  __stack_depot_save+0x464/0x46c\n[ 2479.386273]I[0:launcher-loader: 1719]  kasan_save_stack+0x58/0x70\n[ 2479.386303]I[0:launcher-loader: 1719]  save_stack_info+0x34/0x138\n[ 2479.386331]I[0:launcher-loader: 1719]  kasan_save_free_info+0x18/0x24\n[ 2479.386358]I[0:launcher-loader: 1719]  ____kasan_slab_free+0x16c/0x170\n[ 2479.386385]I[0:launcher-loader: 1719]  __kasan_slab_free+0x10/0x20\n[ 2479.386410]I[0:launcher-loader: 1719]  kmem_cache_free+0x238/0x53c\n[ 2479.386435]I[0:launcher-loader: 1719]  mempool_free_slab+0x1c/0x28\n[ 2479.386460]I[0:launcher-loader: 1719]  mempool_free+0x7c/0x1a0\n[ 2479.386484]I[0:launcher-loader: 1719]  bvec_free+0x34/0x80\n[ 2479.386514]I[0:launcher-loader: 1719]  bio_free+0x60/0x98\n[ 2479.386540]I[0:launcher-loader: 1719]  bio_put+0x50/0x21c\n[ 2479.386567]I[0:launcher-loader: 1719]  f2fs_write_end_io+0x4ac/0x4d0\n[ 2479.386594]I[0:launcher-loader: 1719]  bio_endio+0x2dc/0x300\n[ 2479.386622]I[0:launcher-loader: 1719]  __dm_io_complete+0x324/0x37c\n[ 2479.386650]I[0:launcher-loader: 1719]  dm_io_dec_pending+0x60/0xa4\n[ 2479.386676]I[0:launcher-loader: 1719]  clone_endio+0xf8/0x2f0\n[ 2479.386700]I[0:launcher-loader: 1719]  bio_endio+0x2dc/0x300\n[ 2479.386727]I[0:launcher-loader: 1719]  blk_update_request+0x258/0x63c\n[ 2479.386754]I[0:launcher-loader: 1719]  scsi_end_request+0x50/0x304\n[ 2479.386782]I[0:launcher-loader: 1719]  scsi_io_completion+0x88/0x160\n[ 2479.386808]I[0:launcher-loader: 1719]  scsi_finish_command+0x17c/0x194\n[ 2479.386833]I\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:37:26.117Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c71d6934c6ac40a97146a410e0320768c7b1bb3c"
        },
        {
          "url": "https://git.kernel.org/stable/c/0bd309f22663f3ee749bea0b6d70642c31a1c0a5"
        },
        {
          "url": "https://git.kernel.org/stable/c/d3b219e504fc5c5a25fa7c04c8589ff34baef9a8"
        },
        {
          "url": "https://git.kernel.org/stable/c/f6794950f0e5ba37e3bbedda4d6ab0aad7395dd3"
        }
      ],
      "title": "arm64: set __exception_irq_entry with __irq_entry as a default",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54322",
    "datePublished": "2025-12-30T12:34:15.446Z",
    "dateReserved": "2025-12-30T12:28:53.860Z",
    "dateUpdated": "2026-01-05T11:37:26.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/bpf_trace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3048cb0dc0cc9dc74ed93690dffef00733bcad5b",
              "status": "affected",
              "version": "2a916f2f546ca1c1e3323e2a4269307f6d9890eb",
              "versionType": "git"
            },
            {
              "lessThan": "c81bdf8f9f2b002d217c3d5357cdea9f2b82ff90",
              "status": "affected",
              "version": "2a916f2f546ca1c1e3323e2a4269307f6d9890eb",
              "versionType": "git"
            },
            {
              "lessThan": "36dd8ca330b76585640ed32255a3c99f901e1502",
              "status": "affected",
              "version": "2a916f2f546ca1c1e3323e2a4269307f6d9890eb",
              "versionType": "git"
            },
            {
              "lessThan": "063c9ce8e74e07bf94f99cd13146f42867875e8b",
              "status": "affected",
              "version": "2a916f2f546ca1c1e3323e2a4269307f6d9890eb",
              "versionType": "git"
            },
            {
              "lessThan": "d62cc390c2e99ae267ffe4b8d7e2e08b6c758c32",
              "status": "affected",
              "version": "2a916f2f546ca1c1e3323e2a4269307f6d9890eb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/trace/bpf_trace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.126",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.45",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.190",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.126",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.45",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.10",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Disable preemption in bpf_event_output\n\nWe received report [1] of kernel crash, which is caused by\nusing nesting protection without disabled preemption.\n\nThe bpf_event_output can be called by programs executed by\nbpf_prog_run_array_cg function that disabled migration but\nkeeps preemption enabled.\n\nThis can cause task to be preempted by another one inside the\nnesting protection and lead eventually to two tasks using same\nperf_sample_data buffer and cause crashes like:\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000001\n  #PF: supervisor instruction fetch in kernel mode\n  #PF: error_code(0x0010) - not-present page\n  ...\n  ? perf_output_sample+0x12a/0x9a0\n  ? finish_task_switch.isra.0+0x81/0x280\n  ? perf_event_output+0x66/0xa0\n  ? bpf_event_output+0x13a/0x190\n  ? bpf_event_output_data+0x22/0x40\n  ? bpf_prog_dfc84bbde731b257_cil_sock4_connect+0x40a/0xacb\n  ? xa_load+0x87/0xe0\n  ? __cgroup_bpf_run_filter_sock_addr+0xc1/0x1a0\n  ? release_sock+0x3e/0x90\n  ? sk_setsockopt+0x1a1/0x12f0\n  ? udp_pre_connect+0x36/0x50\n  ? inet_dgram_connect+0x93/0xa0\n  ? __sys_connect+0xb4/0xe0\n  ? udp_setsockopt+0x27/0x40\n  ? __pfx_udp_push_pending_frames+0x10/0x10\n  ? __sys_setsockopt+0xdf/0x1a0\n  ? __x64_sys_connect+0xf/0x20\n  ? do_syscall_64+0x3a/0x90\n  ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nFixing this by disabling preemption in bpf_event_output.\n\n[1] https://github.com/cilium/cilium/issues/26756"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:08:46.842Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3048cb0dc0cc9dc74ed93690dffef00733bcad5b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c81bdf8f9f2b002d217c3d5357cdea9f2b82ff90"
        },
        {
          "url": "https://git.kernel.org/stable/c/36dd8ca330b76585640ed32255a3c99f901e1502"
        },
        {
          "url": "https://git.kernel.org/stable/c/063c9ce8e74e07bf94f99cd13146f42867875e8b"
        },
        {
          "url": "https://git.kernel.org/stable/c/d62cc390c2e99ae267ffe4b8d7e2e08b6c758c32"
        }
      ],
      "title": "bpf: Disable preemption in bpf_event_output",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54173",
    "datePublished": "2025-12-30T12:08:46.842Z",
    "dateReserved": "2025-12-30T12:06:44.496Z",
    "dateUpdated": "2025-12-30T12:08:46.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/syscall.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "82b39df5ddb298daaf6dc504032ff7eb027fa106",
              "status": "affected",
              "version": "69fd337a975c7e690dfe49d9cb4fe5ba1e6db44e",
              "versionType": "git"
            },
            {
              "lessThan": "6a1504dd36cd9a0a69250d61da8bdb17b29f1fe8",
              "status": "affected",
              "version": "69fd337a975c7e690dfe49d9cb4fe5ba1e6db44e",
              "versionType": "git"
            },
            {
              "lessThan": "e89f3edffb860a0f54a9ed16deadb7a4a1fa3862",
              "status": "affected",
              "version": "69fd337a975c7e690dfe49d9cb4fe5ba1e6db44e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/syscall.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: prevent leak of lsm program after failed attach\n\nIn [0], we added the ability to bpf_prog_attach LSM programs to cgroups,\nbut in our validation to make sure the prog is meant to be attached to\nBPF_LSM_CGROUP, we return too early if the check fails. This results in\nlack of decrementing prog\u0027s refcnt (through bpf_prog_put)\nleaving the LSM program alive past the point of the expected lifecycle.\nThis fix allows for the decrement to take place.\n\n[0] https://lore.kernel.org/all/20220628174314.1216643-4-sdf@google.com/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:30.481Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/82b39df5ddb298daaf6dc504032ff7eb027fa106"
        },
        {
          "url": "https://git.kernel.org/stable/c/6a1504dd36cd9a0a69250d61da8bdb17b29f1fe8"
        },
        {
          "url": "https://git.kernel.org/stable/c/e89f3edffb860a0f54a9ed16deadb7a4a1fa3862"
        }
      ],
      "title": "bpf: prevent leak of lsm program after failed attach",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50855",
    "datePublished": "2025-12-30T12:15:30.481Z",
    "dateReserved": "2025-12-30T12:06:07.135Z",
    "dateUpdated": "2025-12-30T12:15:30.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/dvb-usb/m920x.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "809623fedc31f4e74039d93bb75a8993635d7534",
              "status": "affected",
              "version": "82ce3084892c0c0e006ec61f6144f2cc4e5ece88",
              "versionType": "git"
            },
            {
              "lessThan": "c0178e938f110cdf6937f26975c0c951dbb1d9db",
              "status": "affected",
              "version": "7dca4428d7eb33c89979e620228fe557593fde66",
              "versionType": "git"
            },
            {
              "lessThan": "75d6ef197c488cd852493b4a419274e3489da79d",
              "status": "affected",
              "version": "fe791612afabaeee9b911bd7b955985bcf5ff314",
              "versionType": "git"
            },
            {
              "lessThan": "d13a84874a2e0236c9325b3adc8e126d0888ad6b",
              "status": "affected",
              "version": "830e5d1b4344c2575020ee4bdf63fb48e2b56ce3",
              "versionType": "git"
            },
            {
              "lessThan": "7ca7cd02114ac8caa6b0a64734b9af6be1559353",
              "status": "affected",
              "version": "0c044e39d52abfbb4cb43dbc5a09c1dc1ed24648",
              "versionType": "git"
            },
            {
              "lessThan": "2b6e20ef0585a467c24c7e4fde28518e5b33225a",
              "status": "affected",
              "version": "a2ab06d7c4d6bfd0b545a768247a70463e977e27",
              "versionType": "git"
            },
            {
              "lessThan": "4feed3dfca722c6d74865a37cab853c58e6aa190",
              "status": "affected",
              "version": "a2ab06d7c4d6bfd0b545a768247a70463e977e27",
              "versionType": "git"
            },
            {
              "lessThan": "2cc9f11aeae2887a4db25c27323fc445f4b49e86",
              "status": "affected",
              "version": "a2ab06d7c4d6bfd0b545a768247a70463e977e27",
              "versionType": "git"
            },
            {
              "lessThan": "ea9ef6c2e001c5dc94bee35ebd1c8a98621cf7b8",
              "status": "affected",
              "version": "a2ab06d7c4d6bfd0b545a768247a70463e977e27",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "08cb4f0da9926277101d18d817048e1328ac2563",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "273cac7a89712ba6b898214af150b71dc33abe0c",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "b7e221dc8f23727e00a7fb6709b3318547a7c4d8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/dvb-usb/m920x.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.17"
            },
            {
              "lessThan": "5.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.326",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.295",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.132",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.326",
                  "versionStartIncluding": "4.14.263",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.295",
                  "versionStartIncluding": "4.19.226",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "versionStartIncluding": "5.4.174",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.195",
                  "versionStartIncluding": "5.10.94",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.132",
                  "versionStartIncluding": "5.15.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.4.300",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.9.298",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.16.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()\n\n\u0027read\u0027 is freed when it is known to be NULL, but not when a read error\noccurs.\n\nRevert the logic to avoid a small leak, should a m920x_read() call fail."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:58.235Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/809623fedc31f4e74039d93bb75a8993635d7534"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0178e938f110cdf6937f26975c0c951dbb1d9db"
        },
        {
          "url": "https://git.kernel.org/stable/c/75d6ef197c488cd852493b4a419274e3489da79d"
        },
        {
          "url": "https://git.kernel.org/stable/c/d13a84874a2e0236c9325b3adc8e126d0888ad6b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7ca7cd02114ac8caa6b0a64734b9af6be1559353"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b6e20ef0585a467c24c7e4fde28518e5b33225a"
        },
        {
          "url": "https://git.kernel.org/stable/c/4feed3dfca722c6d74865a37cab853c58e6aa190"
        },
        {
          "url": "https://git.kernel.org/stable/c/2cc9f11aeae2887a4db25c27323fc445f4b49e86"
        },
        {
          "url": "https://git.kernel.org/stable/c/ea9ef6c2e001c5dc94bee35ebd1c8a98621cf7b8"
        }
      ],
      "title": "media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54266",
    "datePublished": "2025-12-30T12:15:58.235Z",
    "dateReserved": "2025-12-30T12:06:44.518Z",
    "dateUpdated": "2025-12-30T12:15:58.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-mq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c0ef7493e68b8896806a2f598fcffbaa97333405",
              "status": "affected",
              "version": "a846a8e6c9a5949582c5a6a8bbc83a7d27fd891e",
              "versionType": "git"
            },
            {
              "lessThan": "e1dd7bc93029024af5688253b0c05181d6e01f8e",
              "status": "affected",
              "version": "a846a8e6c9a5949582c5a6a8bbc83a7d27fd891e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/blk-mq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "lessThan": "5.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.5",
                  "versionStartIncluding": "5.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.16",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix tags leak when shrink nr_hw_queues\n\nAlthough we don\u0027t need to realloc set-\u003etags[] when shrink nr_hw_queues,\nwe need to free them. Or these tags will be leaked.\n\nHow to reproduce:\n1. mount -t configfs configfs /mnt\n2. modprobe null_blk nr_devices=0 submit_queues=8\n3. mkdir /mnt/nullb/nullb0\n4. echo 1 \u003e /mnt/nullb/nullb0/power\n5. echo 4 \u003e /mnt/nullb/nullb0/submit_queues\n6. rmdir /mnt/nullb/nullb0\n\nIn step 4, will alloc 9 tags (8 submit queues and 1 poll queue), then\nin step 5, new_nr_hw_queues = 5 (4 submit queues and 1 poll queue).\nAt last in step 6, only these 5 tags are freed, the other 4 tags leaked."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:36:53.997Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c0ef7493e68b8896806a2f598fcffbaa97333405"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1dd7bc93029024af5688253b0c05181d6e01f8e"
        }
      ],
      "title": "blk-mq: fix tags leak when shrink nr_hw_queues",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54227",
    "datePublished": "2025-12-30T12:11:20.207Z",
    "dateReserved": "2025-12-30T12:06:44.502Z",
    "dateUpdated": "2026-01-05T11:36:53.997Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/misc/pci_endpoint_test.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fb7f8bdb886f2ebf35ee5edaf2bf5f02b063ddb7",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            },
            {
              "lessThan": "dd2210379205fcd23a9d8869b0cef90e3770577c",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            },
            {
              "lessThan": "cdf9a7e2cdc7a5464e3cc6d0b715ba2b1d215521",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            },
            {
              "lessThan": "14bdee38e96c7d37ca15e7bea50411eee25fe315",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            },
            {
              "lessThan": "c2dba13bc0c62b79a3cbe4bfe5faa32231bf9b55",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            },
            {
              "lessThan": "38d12bcf4e2ce3d285eb29644a79a54f42040fab",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            },
            {
              "lessThan": "f61b7634a3249d12b9daa36ffbdb9965b6f24c6c",
              "status": "affected",
              "version": "e03327122e2c8e6ae4565ef5b3d3cbe4364546a1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/misc/pci_endpoint_test.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.291",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.188",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.40",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.291",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.251",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.188",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.121",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.40",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.5",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "4.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Free IRQs before removing the device\n\nIn pci_endpoint_test_remove(), freeing the IRQs after removing the device\ncreates a small race window for IRQs to be received with the test device\nmemory already released, causing the IRQ handler to access invalid memory,\nresulting in an oops.\n\nFree the device IRQs before removing the device to avoid this issue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:37:09.698Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fb7f8bdb886f2ebf35ee5edaf2bf5f02b063ddb7"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd2210379205fcd23a9d8869b0cef90e3770577c"
        },
        {
          "url": "https://git.kernel.org/stable/c/cdf9a7e2cdc7a5464e3cc6d0b715ba2b1d215521"
        },
        {
          "url": "https://git.kernel.org/stable/c/14bdee38e96c7d37ca15e7bea50411eee25fe315"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2dba13bc0c62b79a3cbe4bfe5faa32231bf9b55"
        },
        {
          "url": "https://git.kernel.org/stable/c/38d12bcf4e2ce3d285eb29644a79a54f42040fab"
        },
        {
          "url": "https://git.kernel.org/stable/c/f61b7634a3249d12b9daa36ffbdb9965b6f24c6c"
        }
      ],
      "title": "misc: pci_endpoint_test: Free IRQs before removing the device",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54326",
    "datePublished": "2025-12-30T12:37:09.698Z",
    "dateReserved": "2025-12-30T12:35:56.209Z",
    "dateUpdated": "2025-12-30T12:37:09.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/broadcom/bcm4908_enet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c9589e18a60c55c76772a38117ef9a16b942e56b",
              "status": "affected",
              "version": "4feffeadbcb2e5b11cbbf191a33c245b74a5837b",
              "versionType": "git"
            },
            {
              "lessThan": "2adedc80faec243ede55355e57142110d6f46e08",
              "status": "affected",
              "version": "4feffeadbcb2e5b11cbbf191a33c245b74a5837b",
              "versionType": "git"
            },
            {
              "lessThan": "ef3556ee16c68735ec69bd08df41d1cd83b14ad3",
              "status": "affected",
              "version": "4feffeadbcb2e5b11cbbf191a33c245b74a5837b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/broadcom/bcm4908_enet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.77",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.7",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: broadcom: bcm4908_enet: update TX stats after actual transmission\n\nQueueing packets doesn\u0027t guarantee their transmission. Update TX stats\nafter hardware confirms consuming submitted data.\n\nThis also fixes a possible race and NULL dereference.\nbcm4908_enet_start_xmit() could try to access skb after freeing it in\nthe bcm4908_enet_poll_tx()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:17.466Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c9589e18a60c55c76772a38117ef9a16b942e56b"
        },
        {
          "url": "https://git.kernel.org/stable/c/2adedc80faec243ede55355e57142110d6f46e08"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef3556ee16c68735ec69bd08df41d1cd83b14ad3"
        }
      ],
      "title": "net: broadcom: bcm4908_enet: update TX stats after actual transmission",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50877",
    "datePublished": "2025-12-30T12:23:17.466Z",
    "dateReserved": "2025-12-30T12:06:07.137Z",
    "dateUpdated": "2025-12-30T12:23:17.466Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/soc/codecs/lpass-tx-macro.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "da35a4e6eee5d73886312e85322a6e97df901987",
              "status": "affected",
              "version": "d207bdea0ca9efde321ff142e9b9f2ef73f9cdf5",
              "versionType": "git"
            },
            {
              "lessThan": "57f9a9a232bde7abfe49c3072b29a255da9ba891",
              "status": "affected",
              "version": "d207bdea0ca9efde321ff142e9b9f2ef73f9cdf5",
              "versionType": "git"
            },
            {
              "lessThan": "b0cd740a31412340fead50e69e4fe9bc3781c754",
              "status": "affected",
              "version": "d207bdea0ca9efde321ff142e9b9f2ef73f9cdf5",
              "versionType": "git"
            },
            {
              "lessThan": "e5e7e398f6bb7918dab0612eb6991f7bae95520d",
              "status": "affected",
              "version": "d207bdea0ca9efde321ff142e9b9f2ef73f9cdf5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/soc/codecs/lpass-tx-macro.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.106",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.106",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.23",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.10",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds\n\nWhen we run syzkaller we get below Out of Bound.\n    \"KASAN: slab-out-of-bounds Read in regcache_flat_read\"\n\n    Below is the backtrace of the issue:\n\n    dump_backtrace+0x0/0x4c8\n    show_stack+0x34/0x44\n    dump_stack_lvl+0xd8/0x118\n    print_address_description+0x30/0x2d8\n    kasan_report+0x158/0x198\n    __asan_report_load4_noabort+0x44/0x50\n    regcache_flat_read+0x10c/0x110\n    regcache_read+0xf4/0x180\n    _regmap_read+0xc4/0x278\n    _regmap_update_bits+0x130/0x290\n    regmap_update_bits_base+0xc0/0x15c\n    snd_soc_component_update_bits+0xa8/0x22c\n    snd_soc_component_write_field+0x68/0xd4\n    tx_macro_digital_mute+0xec/0x140\n\n    Actually There is no need to have decimator with 32 bits.\n    By limiting the variable with short type u8 issue is resolved."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:37:01.001Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/da35a4e6eee5d73886312e85322a6e97df901987"
        },
        {
          "url": "https://git.kernel.org/stable/c/57f9a9a232bde7abfe49c3072b29a255da9ba891"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0cd740a31412340fead50e69e4fe9bc3781c754"
        },
        {
          "url": "https://git.kernel.org/stable/c/e5e7e398f6bb7918dab0612eb6991f7bae95520d"
        }
      ],
      "title": "ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54245",
    "datePublished": "2025-12-30T12:15:44.060Z",
    "dateReserved": "2025-12-30T12:06:44.513Z",
    "dateUpdated": "2026-01-05T11:37:01.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_ipv4.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9d04b4d0feee12bce6bfe37f30d8e953d3c30368",
              "status": "affected",
              "version": "c9c3321257e1b95be9b375f811fb250162af8d39",
              "versionType": "git"
            },
            {
              "lessThan": "4f23cb2be530785db284a685d1b1c30224d8a538",
              "status": "affected",
              "version": "c9c3321257e1b95be9b375f811fb250162af8d39",
              "versionType": "git"
            },
            {
              "lessThan": "a85d39f14aa8a71e29cfb5eb5de02878a8779898",
              "status": "affected",
              "version": "c9c3321257e1b95be9b375f811fb250162af8d39",
              "versionType": "git"
            },
            {
              "lessThan": "28addf029417d53b1df062b4c87feb7bc033cb5f",
              "status": "affected",
              "version": "c9c3321257e1b95be9b375f811fb250162af8d39",
              "versionType": "git"
            },
            {
              "lessThan": "ec791d8149ff60c40ad2074af3b92a39c916a03f",
              "status": "affected",
              "version": "c9c3321257e1b95be9b375f811fb250162af8d39",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_ipv4.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.9"
            },
            {
              "lessThan": "4.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.278",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.153",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.77",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.7",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix a signed-integer-overflow bug in tcp_add_backlog()\n\nThe type of sk_rcvbuf and sk_sndbuf in struct sock is int, and\nin tcp_add_backlog(), the variable limit is caculated by adding\nsk_rcvbuf, sk_sndbuf and 64 * 1024, it may exceed the max value\nof int and overflow. This patch reduces the limit budget by\nhalving the sndbuf to solve this issue since ACK packets are much\nsmaller than the payload."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:37.150Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9d04b4d0feee12bce6bfe37f30d8e953d3c30368"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f23cb2be530785db284a685d1b1c30224d8a538"
        },
        {
          "url": "https://git.kernel.org/stable/c/a85d39f14aa8a71e29cfb5eb5de02878a8779898"
        },
        {
          "url": "https://git.kernel.org/stable/c/28addf029417d53b1df062b4c87feb7bc033cb5f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec791d8149ff60c40ad2074af3b92a39c916a03f"
        }
      ],
      "title": "tcp: fix a signed-integer-overflow bug in tcp_add_backlog()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50865",
    "datePublished": "2025-12-30T12:15:37.150Z",
    "dateReserved": "2025-12-30T12:06:07.136Z",
    "dateUpdated": "2025-12-30T12:15:37.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/remoteproc/qcom_q6v5_wcss.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "098ebb9089c4eedea09333f912d105fa63377496",
              "status": "affected",
              "version": "0af65b9b915e52019aee91db3e1f8b39a7ec8d08",
              "versionType": "git"
            },
            {
              "lessThan": "3afa88ae9911b65702a3aca9d92ea23fe496e56f",
              "status": "affected",
              "version": "0af65b9b915e52019aee91db3e1f8b39a7ec8d08",
              "versionType": "git"
            },
            {
              "lessThan": "0903a87490a9ed456ac765a84dcc484c1ee42c32",
              "status": "affected",
              "version": "0af65b9b915e52019aee91db3e1f8b39a7ec8d08",
              "versionType": "git"
            },
            {
              "lessThan": "f360e2b275efbb745ba0af8b47d9ef44221be586",
              "status": "affected",
              "version": "0af65b9b915e52019aee91db3e1f8b39a7ec8d08",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/remoteproc/qcom_q6v5_wcss.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.86",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio()\n\nq6v5_wcss_init_mmio() will call platform_get_resource_byname() that may\nfail and return NULL. devm_ioremap() will use res-\u003estart as input, which\nmay causes null-ptr-deref. Check the ret value of\nplatform_get_resource_byname() to avoid the null-ptr-deref."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:37:06.269Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/098ebb9089c4eedea09333f912d105fa63377496"
        },
        {
          "url": "https://git.kernel.org/stable/c/3afa88ae9911b65702a3aca9d92ea23fe496e56f"
        },
        {
          "url": "https://git.kernel.org/stable/c/0903a87490a9ed456ac765a84dcc484c1ee42c32"
        },
        {
          "url": "https://git.kernel.org/stable/c/f360e2b275efbb745ba0af8b47d9ef44221be586"
        }
      ],
      "title": "remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50888",
    "datePublished": "2025-12-30T12:37:06.269Z",
    "dateReserved": "2025-12-30T12:35:41.595Z",
    "dateUpdated": "2025-12-30T12:37:06.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/pstore/ram_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1579bed1613802a323a1e14567faa95c149e105e",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "fdebcc33b663d2e8da937653ddfbfc1315047eaa",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "6d9460214e363e1f3d0756ee5d947e76e3e6f86c",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "4d3126f242a0090342ffe925c35fb4f4252b7562",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "295f59cd2cdeed841850d02dddde3a122cbf6fc6",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "ebc73c4f266281e2cad1a372ecd81572d95375b6",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "69dbff7d2681c55a4d979fd9b75576303e69979f",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "2f82381d0681b10f9ddd27be98c27363b5a3cd1c",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            },
            {
              "lessThan": "e6b842741b4f39007215fd7e545cb55aa3d358a2",
              "status": "affected",
              "version": "404a6043385de17273624b076599669db5ad891f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/pstore/ram_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.4"
            },
            {
              "lessThan": "3.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.337",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.303",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.270",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.337",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.303",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.270",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.229",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.163",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.86",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "3.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore: Avoid kcore oops by vmap()ing with VM_IOREMAP\n\nAn oops can be induced by running \u0027cat /proc/kcore \u003e /dev/null\u0027 on\ndevices using pstore with the ram backend because kmap_atomic() assumes\nlowmem pages are accessible with __va().\n\n Unable to handle kernel paging request at virtual address ffffff807ff2b000\n Mem abort info:\n ESR = 0x96000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000081d87000\n [ffffff807ff2b000] pgd=180000017fe18003, p4d=180000017fe18003, pud=180000017fe18003, pmd=0000000000000000\n Internal error: Oops: 96000006 [#1] PREEMPT SMP\n Modules linked in: dm_integrity\n CPU: 7 PID: 21179 Comm: perf Not tainted 5.15.67-10882-ge4eb2eb988cd #1 baa443fb8e8477896a370b31a821eb2009f9bfba\n Hardware name: Google Lazor (rev3 - 8) (DT)\n pstate: a0400009 (NzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __memcpy+0x110/0x260\n lr : vread+0x194/0x294\n sp : ffffffc013ee39d0\n x29: ffffffc013ee39f0 x28: 0000000000001000 x27: ffffff807ff2b000\n x26: 0000000000001000 x25: ffffffc0085a2000 x24: ffffff802d4b3000\n x23: ffffff80f8a60000 x22: ffffff802d4b3000 x21: ffffffc0085a2000\n x20: ffffff8080b7bc68 x19: 0000000000001000 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: ffffffd3073f2e60\n x14: ffffffffad588000 x13: 0000000000000000 x12: 0000000000000001\n x11: 00000000000001a2 x10: 00680000fff2bf0b x9 : 03fffffff807ff2b\n x8 : 0000000000000001 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : ffffff802d4b4000 x4 : ffffff807ff2c000 x3 : ffffffc013ee3a78\n x2 : 0000000000001000 x1 : ffffff807ff2b000 x0 : ffffff802d4b3000\n Call trace:\n __memcpy+0x110/0x260\n read_kcore+0x584/0x778\n proc_reg_read+0xb4/0xe4\n\nDuring early boot, memblock reserves the pages for the ramoops reserved\nmemory node in DT that would otherwise be part of the direct lowmem\nmapping. Pstore\u0027s ram backend reuses those reserved pages to change the\nmemory type (writeback or non-cached) by passing the pages to vmap()\n(see pfn_to_page() usage in persistent_ram_vmap() for more details) with\nspecific flags. When read_kcore() starts iterating over the vmalloc\nregion, it runs over the virtual address that vmap() returned for\nramoops. In aligned_vread() the virtual address is passed to\nvmalloc_to_page() which returns the page struct for the reserved lowmem\narea. That lowmem page is passed to kmap_atomic(), which effectively\ncalls page_to_virt() that assumes a lowmem page struct must be directly\naccessible with __va() and friends. These pages are mapped via vmap()\nthough, and the lowmem mapping was never made, so accessing them via the\nlowmem virtual address oopses like above.\n\nLet\u0027s side-step this problem by passing VM_IOREMAP to vmap(). This will\ntell vread() to not include the ramoops region in the kcore. Instead the\narea will look like a bunch of zeros. The alternative is to teach kmap()\nabout vmalloc areas that intersect with lowmem. Presumably such a change\nisn\u0027t a one-liner, and there isn\u0027t much interest in inspecting the\nramoops region in kcore files anyway, so the most expedient route is\ntaken for now."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:26.431Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1579bed1613802a323a1e14567faa95c149e105e"
        },
        {
          "url": "https://git.kernel.org/stable/c/fdebcc33b663d2e8da937653ddfbfc1315047eaa"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d9460214e363e1f3d0756ee5d947e76e3e6f86c"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d3126f242a0090342ffe925c35fb4f4252b7562"
        },
        {
          "url": "https://git.kernel.org/stable/c/295f59cd2cdeed841850d02dddde3a122cbf6fc6"
        },
        {
          "url": "https://git.kernel.org/stable/c/ebc73c4f266281e2cad1a372ecd81572d95375b6"
        },
        {
          "url": "https://git.kernel.org/stable/c/69dbff7d2681c55a4d979fd9b75576303e69979f"
        },
        {
          "url": "https://git.kernel.org/stable/c/2f82381d0681b10f9ddd27be98c27363b5a3cd1c"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6b842741b4f39007215fd7e545cb55aa3d358a2"
        }
      ],
      "title": "pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50849",
    "datePublished": "2025-12-30T12:15:26.431Z",
    "dateReserved": "2025-12-30T12:06:07.134Z",
    "dateUpdated": "2025-12-30T12:15:26.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/platforms/powernv/pci-sriov.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "07c19c0ad4b07f4b598da369714de028f6a6a323",
              "status": "affected",
              "version": "052da31d45fc71238ea8bed7e9a84648a1ee0bf3",
              "versionType": "git"
            },
            {
              "lessThan": "d3a0d96c16e5f8d55e2c70163abda3c7c8328106",
              "status": "affected",
              "version": "052da31d45fc71238ea8bed7e9a84648a1ee0bf3",
              "versionType": "git"
            },
            {
              "lessThan": "d9a1aaea856002cb58dfb7c8d8770400fa1a0299",
              "status": "affected",
              "version": "052da31d45fc71238ea8bed7e9a84648a1ee0bf3",
              "versionType": "git"
            },
            {
              "lessThan": "6314465b88072a6b6f3b3c12a7898abe09095f95",
              "status": "affected",
              "version": "052da31d45fc71238ea8bed7e9a84648a1ee0bf3",
              "versionType": "git"
            },
            {
              "lessThan": "72990144e17e5e2cb378f1d9b10530b85b9bc382",
              "status": "affected",
              "version": "052da31d45fc71238ea8bed7e9a84648a1ee0bf3",
              "versionType": "git"
            },
            {
              "lessThan": "f4f913c980bc6abe0ccfe88fe3909c125afe4a2d",
              "status": "affected",
              "version": "052da31d45fc71238ea8bed7e9a84648a1ee0bf3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/powerpc/platforms/powernv/pci-sriov.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.188",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.39",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.188",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.121",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.39",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.13",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.4",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv/sriov: perform null check on iov before dereferencing iov\n\nCurrently pointer iov is being dereferenced before the null check of iov\nwhich can lead to null pointer dereference errors. Fix this by moving the\niov null check before the dereferencing.\n\nDetected using cppcheck static analysis:\nlinux/arch/powerpc/platforms/powernv/pci-sriov.c:597:12: warning: Either\nthe condition \u0027!iov\u0027 is redundant or there is possible null pointer\ndereference: iov. [nullPointerRedundantCheck]\n num_vfs = iov-\u003enum_vfs;\n           ^"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:45.858Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/07c19c0ad4b07f4b598da369714de028f6a6a323"
        },
        {
          "url": "https://git.kernel.org/stable/c/d3a0d96c16e5f8d55e2c70163abda3c7c8328106"
        },
        {
          "url": "https://git.kernel.org/stable/c/d9a1aaea856002cb58dfb7c8d8770400fa1a0299"
        },
        {
          "url": "https://git.kernel.org/stable/c/6314465b88072a6b6f3b3c12a7898abe09095f95"
        },
        {
          "url": "https://git.kernel.org/stable/c/72990144e17e5e2cb378f1d9b10530b85b9bc382"
        },
        {
          "url": "https://git.kernel.org/stable/c/f4f913c980bc6abe0ccfe88fe3909c125afe4a2d"
        }
      ],
      "title": "powerpc/powernv/sriov: perform null check on iov before dereferencing iov",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54315",
    "datePublished": "2025-12-30T12:23:45.858Z",
    "dateReserved": "2025-12-30T12:06:44.531Z",
    "dateUpdated": "2025-12-30T12:23:45.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "tools/objtool/check.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "418ef921cce2d7415fab7e3e93529227f239e4bb",
              "status": "affected",
              "version": "13810435b9a7014fb92eb715f77da488f3b65b99",
              "versionType": "git"
            },
            {
              "lessThan": "0af0e115ff59d638f45416a004cdd8edb38db40c",
              "status": "affected",
              "version": "13810435b9a7014fb92eb715f77da488f3b65b99",
              "versionType": "git"
            },
            {
              "lessThan": "23a249b1185cdd5bfb6971d1608ba49e589f2288",
              "status": "affected",
              "version": "13810435b9a7014fb92eb715f77da488f3b65b99",
              "versionType": "git"
            },
            {
              "lessThan": "38b9415abbd703438ebbc6fb74990bd0fbddc5b9",
              "status": "affected",
              "version": "13810435b9a7014fb92eb715f77da488f3b65b99",
              "versionType": "git"
            },
            {
              "lessThan": "fcee8a2d4db404a93e690d79e7273b6ef9d33575",
              "status": "affected",
              "version": "13810435b9a7014fb92eb715f77da488f3b65b99",
              "versionType": "git"
            },
            {
              "lessThan": "efb11fdb3e1a9f694fa12b70b21e69e55ec59c36",
              "status": "affected",
              "version": "13810435b9a7014fb92eb715f77da488f3b65b99",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "1f7f88aa4df593db34dd1d6345213f20888687fb",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "1bea53df12c47517b6e487e6fed34d0c05d42905",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "c6f589eed3b5a9b73b3be76a719917cc905bab0e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "tools/objtool/check.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.17"
            },
            {
              "lessThan": "4.17",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.87",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.229",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.163",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.87",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.17",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.3",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "4.17",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.9.106",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.14.48",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.16.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool: Fix SEGFAULT\n\nfind_insn() will return NULL in case of failure. Check insn in order\nto avoid a kernel Oops for NULL pointer dereference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-02T15:05:13.391Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/418ef921cce2d7415fab7e3e93529227f239e4bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/0af0e115ff59d638f45416a004cdd8edb38db40c"
        },
        {
          "url": "https://git.kernel.org/stable/c/23a249b1185cdd5bfb6971d1608ba49e589f2288"
        },
        {
          "url": "https://git.kernel.org/stable/c/38b9415abbd703438ebbc6fb74990bd0fbddc5b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcee8a2d4db404a93e690d79e7273b6ef9d33575"
        },
        {
          "url": "https://git.kernel.org/stable/c/efb11fdb3e1a9f694fa12b70b21e69e55ec59c36"
        }
      ],
      "title": "objtool: Fix SEGFAULT",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50879",
    "datePublished": "2025-12-30T12:23:18.858Z",
    "dateReserved": "2025-12-30T12:06:07.137Z",
    "dateUpdated": "2026-01-02T15:05:13.391Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/verifier.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c96c67991aac6401b4c6996093bccb704bb2ea4b",
              "status": "affected",
              "version": "2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366",
              "versionType": "git"
            },
            {
              "lessThan": "5927f0172d2809d8fc09c1ba667280b0387e9f73",
              "status": "affected",
              "version": "2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366",
              "versionType": "git"
            },
            {
              "lessThan": "acfdc8b77016c8e648aadc283177546c88083dd3",
              "status": "affected",
              "version": "2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366",
              "versionType": "git"
            },
            {
              "lessThan": "d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2",
              "status": "affected",
              "version": "2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/verifier.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix issue in verifying allow_ptr_leaks\n\nAfter we converted the capabilities of our networking-bpf program from\ncap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program\nfailed to start. Because it failed the bpf verifier, and the error log\nis \"R3 pointer comparison prohibited\".\n\nA simple reproducer as follows,\n\nSEC(\"cls-ingress\")\nint ingress(struct __sk_buff *skb)\n{\n\tstruct iphdr *iph = (void *)(long)skb-\u003edata + sizeof(struct ethhdr);\n\n\tif ((long)(iph + 1) \u003e (long)skb-\u003edata_end)\n\t\treturn TC_ACT_STOLEN;\n\treturn TC_ACT_OK;\n}\n\nPer discussion with Yonghong and Alexei [1], comparison of two packet\npointers is not a pointer leak. This patch fixes it.\n\nOur local kernel is 6.1.y and we expect this fix to be backported to\n6.1.y, so stable is CCed.\n\n[1]. https://lore.kernel.org/bpf/CAADnVQ+Nmspr7Si+pxWn8zkE7hX-7s93ugwC+94aXSy4uQ9vBg@mail.gmail.com/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:51:18.210Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c96c67991aac6401b4c6996093bccb704bb2ea4b"
        },
        {
          "url": "https://git.kernel.org/stable/c/5927f0172d2809d8fc09c1ba667280b0387e9f73"
        },
        {
          "url": "https://git.kernel.org/stable/c/acfdc8b77016c8e648aadc283177546c88083dd3"
        },
        {
          "url": "https://git.kernel.org/stable/c/d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2"
        }
      ],
      "title": "bpf: Fix issue in verifying allow_ptr_leaks",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54181",
    "datePublished": "2025-12-30T12:08:52.376Z",
    "dateReserved": "2025-12-30T12:06:44.497Z",
    "dateUpdated": "2026-01-05T10:51:18.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d1c6c93c27a4bf48006ab16cd9b38d85559d7645",
              "status": "affected",
              "version": "1f90a05d9ff907c70456e7c9d7058372679a88c6",
              "versionType": "git"
            },
            {
              "lessThan": "06b4934ab2b534bb92935c7601852066ebb9eab8",
              "status": "affected",
              "version": "1f90a05d9ff907c70456e7c9d7058372679a88c6",
              "versionType": "git"
            },
            {
              "lessThan": "70c8d17007dc4a07156b7da44509527990e569b3",
              "status": "affected",
              "version": "1f90a05d9ff907c70456e7c9d7058372679a88c6",
              "versionType": "git"
            },
            {
              "lessThan": "b717463610a27fc0b58484cfead7a623d5913e61",
              "status": "affected",
              "version": "1f90a05d9ff907c70456e7c9d7058372679a88c6",
              "versionType": "git"
            },
            {
              "lessThan": "f5146e3ef0a9eea405874b36178c19a4863b8989",
              "status": "affected",
              "version": "1f90a05d9ff907c70456e7c9d7058372679a88c6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.132",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.54",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.195",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.132",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.54",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.4",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add\n\nWhile doing smcr_port_add, there maybe linkgroup add into or delete\nfrom smc_lgr_list.list at the same time, which may result kernel crash.\nSo, use smc_lgr_list.lock to protect smc_lgr_list.list iterate in\nsmcr_port_add.\n\nThe crash calltrace show below:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0000 [#1] SMP NOPTI\nCPU: 0 PID: 559726 Comm: kworker/0:92 Kdump: loaded Tainted: G\nHardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 449e491 04/01/2014\nWorkqueue: events smc_ib_port_event_work [smc]\nRIP: 0010:smcr_port_add+0xa6/0xf0 [smc]\nRSP: 0000:ffffa5a2c8f67de0 EFLAGS: 00010297\nRAX: 0000000000000001 RBX: ffff9935e0650000 RCX: 0000000000000000\nRDX: 0000000000000010 RSI: ffff9935e0654290 RDI: ffff9935c8560000\nRBP: 0000000000000000 R08: 0000000000000000 R09: ffff9934c0401918\nR10: 0000000000000000 R11: ffffffffb4a5c278 R12: ffff99364029aae4\nR13: ffff99364029aa00 R14: 00000000ffffffed R15: ffff99364029ab08\nFS:  0000000000000000(0000) GS:ffff994380600000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 0000000f06a10003 CR4: 0000000002770ef0\nPKRU: 55555554\nCall Trace:\n smc_ib_port_event_work+0x18f/0x380 [smc]\n process_one_work+0x19b/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x114/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x1f/0x30"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:48.134Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d1c6c93c27a4bf48006ab16cd9b38d85559d7645"
        },
        {
          "url": "https://git.kernel.org/stable/c/06b4934ab2b534bb92935c7601852066ebb9eab8"
        },
        {
          "url": "https://git.kernel.org/stable/c/70c8d17007dc4a07156b7da44509527990e569b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/b717463610a27fc0b58484cfead7a623d5913e61"
        },
        {
          "url": "https://git.kernel.org/stable/c/f5146e3ef0a9eea405874b36178c19a4863b8989"
        }
      ],
      "title": "net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54318",
    "datePublished": "2025-12-30T12:23:48.134Z",
    "dateReserved": "2025-12-30T12:06:44.531Z",
    "dateUpdated": "2025-12-30T12:23:48.134Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/ip6_output.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "165370522cc48127da564a08584a7391e6341908",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "f394f690a30a5ec0413c62777a058eaf3d6e10d5",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "0cf600ca1bdf1d52df977516ee6cee0cadb1f6b1",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "605b056d63302ae84eb136e88d4df49124bd5e0d",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "d65ff2fe877c471aa6e79efa7bd8ff66e147c317",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "2c9cefc142c1dc2759e19a92d3b2b3715e985beb",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "02ed5700f40445af02d1c97db25ffc2d04971d9f",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            },
            {
              "lessThan": "ea30388baebcce37fd594d425a65037ca35e59e8",
              "status": "affected",
              "version": "14878f75abd5bf1d38becb405801cd491ee215dc",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/ip6_output.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.24"
            },
            {
              "lessThan": "2.6.24",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.313",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.281",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.178",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.107",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.3",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.313",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.281",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.241",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.178",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.107",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.24",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.11",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix an uninit variable access bug in __ip6_make_skb()\n\nSyzbot reported a bug as following:\n\n=====================================================\nBUG: KMSAN: uninit-value in arch_atomic64_inc arch/x86/include/asm/atomic64_64.h:88 [inline]\nBUG: KMSAN: uninit-value in arch_atomic_long_inc include/linux/atomic/atomic-long.h:161 [inline]\nBUG: KMSAN: uninit-value in atomic_long_inc include/linux/atomic/atomic-instrumented.h:1429 [inline]\nBUG: KMSAN: uninit-value in __ip6_make_skb+0x2f37/0x30f0 net/ipv6/ip6_output.c:1956\n arch_atomic64_inc arch/x86/include/asm/atomic64_64.h:88 [inline]\n arch_atomic_long_inc include/linux/atomic/atomic-long.h:161 [inline]\n atomic_long_inc include/linux/atomic/atomic-instrumented.h:1429 [inline]\n __ip6_make_skb+0x2f37/0x30f0 net/ipv6/ip6_output.c:1956\n ip6_finish_skb include/net/ipv6.h:1122 [inline]\n ip6_push_pending_frames+0x10e/0x550 net/ipv6/ip6_output.c:1987\n rawv6_push_pending_frames+0xb12/0xb90 net/ipv6/raw.c:579\n rawv6_sendmsg+0x297e/0x2e60 net/ipv6/raw.c:922\n inet_sendmsg+0x101/0x180 net/ipv4/af_inet.c:827\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg net/socket.c:734 [inline]\n ____sys_sendmsg+0xa8e/0xe70 net/socket.c:2476\n ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2530\n __sys_sendmsg net/socket.c:2559 [inline]\n __do_sys_sendmsg net/socket.c:2568 [inline]\n __se_sys_sendmsg net/socket.c:2566 [inline]\n __x64_sys_sendmsg+0x367/0x540 net/socket.c:2566\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:766 [inline]\n slab_alloc_node mm/slub.c:3452 [inline]\n __kmem_cache_alloc_node+0x71f/0xce0 mm/slub.c:3491\n __do_kmalloc_node mm/slab_common.c:967 [inline]\n __kmalloc_node_track_caller+0x114/0x3b0 mm/slab_common.c:988\n kmalloc_reserve net/core/skbuff.c:492 [inline]\n __alloc_skb+0x3af/0x8f0 net/core/skbuff.c:565\n alloc_skb include/linux/skbuff.h:1270 [inline]\n __ip6_append_data+0x51c1/0x6bb0 net/ipv6/ip6_output.c:1684\n ip6_append_data+0x411/0x580 net/ipv6/ip6_output.c:1854\n rawv6_sendmsg+0x2882/0x2e60 net/ipv6/raw.c:915\n inet_sendmsg+0x101/0x180 net/ipv4/af_inet.c:827\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg net/socket.c:734 [inline]\n ____sys_sendmsg+0xa8e/0xe70 net/socket.c:2476\n ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2530\n __sys_sendmsg net/socket.c:2559 [inline]\n __do_sys_sendmsg net/socket.c:2568 [inline]\n __se_sys_sendmsg net/socket.c:2566 [inline]\n __x64_sys_sendmsg+0x367/0x540 net/socket.c:2566\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIt is because icmp6hdr does not in skb linear region under the scenario\nof SOCK_RAW socket. Access icmp6_hdr(skb)-\u003eicmp6_type directly will\ntrigger the uninit variable access bug.\n\nUse a local variable icmp6_type to carry the correct value in different\nscenarios."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:15:57.557Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/165370522cc48127da564a08584a7391e6341908"
        },
        {
          "url": "https://git.kernel.org/stable/c/f394f690a30a5ec0413c62777a058eaf3d6e10d5"
        },
        {
          "url": "https://git.kernel.org/stable/c/0cf600ca1bdf1d52df977516ee6cee0cadb1f6b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/605b056d63302ae84eb136e88d4df49124bd5e0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/d65ff2fe877c471aa6e79efa7bd8ff66e147c317"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c9cefc142c1dc2759e19a92d3b2b3715e985beb"
        },
        {
          "url": "https://git.kernel.org/stable/c/02ed5700f40445af02d1c97db25ffc2d04971d9f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ea30388baebcce37fd594d425a65037ca35e59e8"
        }
      ],
      "title": "ipv6: Fix an uninit variable access bug in __ip6_make_skb()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54265",
    "datePublished": "2025-12-30T12:15:57.557Z",
    "dateReserved": "2025-12-30T12:06:44.517Z",
    "dateUpdated": "2025-12-30T12:15:57.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ksmbd/server.c",
            "fs/ksmbd/smb2pdu.c",
            "fs/ksmbd/smb_common.c",
            "fs/ksmbd/smb_common.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "921536046bd165efeb07beef5630aff35cd6a489",
              "status": "affected",
              "version": "51a8534c0f35c0401e45f1055f914729cad98bf9",
              "versionType": "git"
            },
            {
              "lessThan": "a8334a0c535d0f0b4d64926c8fe0922ed98f7d43",
              "status": "affected",
              "version": "0b3ec5671ac06829ccebdaeec05acedfec327f42",
              "versionType": "git"
            },
            {
              "lessThan": "99a51c673b1d2d0b5a972353401b77612d9cc713",
              "status": "affected",
              "version": "cc32cd98a0aee4cc3eb611cbce11795b1aaa738a",
              "versionType": "git"
            },
            {
              "lessThan": "dc8289f912387c3bcfbc5d2db29c8947fa207c11",
              "status": "affected",
              "version": "39b291b86b5988bf8753c3874d5c773399d09b96",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ksmbd/server.c",
            "fs/ksmbd/smb2pdu.c",
            "fs/ksmbd/smb_common.c",
            "fs/ksmbd/smb_common.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.15.145",
              "status": "affected",
              "version": "5.15.105",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.24",
              "status": "affected",
              "version": "6.1.22",
              "versionType": "semver"
            },
            {
              "lessThan": "6.2.11",
              "status": "affected",
              "version": "6.2.9",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.145",
                  "versionStartIncluding": "5.15.105",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.24",
                  "versionStartIncluding": "6.1.22",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.11",
                  "versionStartIncluding": "6.2.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr\n\nWhen smb1 mount fails, KASAN detect slab-out-of-bounds in\ninit_smb2_rsp_hdr like the following one.\nFor smb1 negotiate(56bytes) , init_smb2_rsp_hdr() for smb2 is called.\nThe issue occurs while handling smb1 negotiate as smb2 server operations.\nAdd smb server operations for smb1 (get_cmd_val, init_rsp_hdr,\nallocate_rsp_buf, check_user_session) to handle smb1 negotiate so that\nsmb2 server operation does not handle it.\n\n[  411.400423] CIFS: VFS: Use of the less secure dialect vers=1.0 is\nnot recommended unless required for access to very old servers\n[  411.400452] CIFS: Attempting to mount \\\\192.168.45.139\\homes\n[  411.479312] ksmbd: init_smb2_rsp_hdr : 492\n[  411.479323] ==================================================================\n[  411.479327] BUG: KASAN: slab-out-of-bounds in\ninit_smb2_rsp_hdr+0x1e2/0x1f4 [ksmbd]\n[  411.479369] Read of size 16 at addr ffff888488ed0734 by task kworker/14:1/199\n\n[  411.479379] CPU: 14 PID: 199 Comm: kworker/14:1 Tainted: G\n OE      6.1.21 #3\n[  411.479386] Hardware name: ASUSTeK COMPUTER INC. Z10PA-D8\nSeries/Z10PA-D8 Series, BIOS 3801 08/23/2019\n[  411.479390] Workqueue: ksmbd-io handle_ksmbd_work [ksmbd]\n[  411.479425] Call Trace:\n[  411.479428]  \u003cTASK\u003e\n[  411.479432]  dump_stack_lvl+0x49/0x63\n[  411.479444]  print_report+0x171/0x4a8\n[  411.479452]  ? kasan_complete_mode_report_info+0x3c/0x200\n[  411.479463]  ? init_smb2_rsp_hdr+0x1e2/0x1f4 [ksmbd]\n[  411.479497]  kasan_report+0xb4/0x130\n[  411.479503]  ? init_smb2_rsp_hdr+0x1e2/0x1f4 [ksmbd]\n[  411.479537]  kasan_check_range+0x149/0x1e0\n[  411.479543]  memcpy+0x24/0x70\n[  411.479550]  init_smb2_rsp_hdr+0x1e2/0x1f4 [ksmbd]\n[  411.479585]  handle_ksmbd_work+0x109/0x760 [ksmbd]\n[  411.479616]  ? _raw_spin_unlock_irqrestore+0x50/0x50\n[  411.479624]  ? smb3_encrypt_resp+0x340/0x340 [ksmbd]\n[  411.479656]  process_one_work+0x49c/0x790\n[  411.479667]  worker_thread+0x2b1/0x6e0\n[  411.479674]  ? process_one_work+0x790/0x790\n[  411.479680]  kthread+0x177/0x1b0\n[  411.479686]  ? kthread_complete_and_exit+0x30/0x30\n[  411.479692]  ret_from_fork+0x22/0x30\n[  411.479702]  \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:09:07.538Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/921536046bd165efeb07beef5630aff35cd6a489"
        },
        {
          "url": "https://git.kernel.org/stable/c/a8334a0c535d0f0b4d64926c8fe0922ed98f7d43"
        },
        {
          "url": "https://git.kernel.org/stable/c/99a51c673b1d2d0b5a972353401b77612d9cc713"
        },
        {
          "url": "https://git.kernel.org/stable/c/dc8289f912387c3bcfbc5d2db29c8947fa207c11"
        }
      ],
      "title": "ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54203",
    "datePublished": "2025-12-30T12:09:07.538Z",
    "dateReserved": "2025-12-30T12:06:44.499Z",
    "dateUpdated": "2025-12-30T12:09:07.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "399b73d6b7720a9eae68a333193b53ed4f432fe5",
              "status": "affected",
              "version": "2f77b9a242a2e01822efc80c8b63eaa31df0f8b4",
              "versionType": "git"
            },
            {
              "lessThan": "e9dca969b2426702a73719ab9207e43c6d80b581",
              "status": "affected",
              "version": "2f77b9a242a2e01822efc80c8b63eaa31df0f8b4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.4",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Add missing gfx11 MQD manager callbacks\n\nmqd_stride function was introduced in commit 2f77b9a242a2\n(\"drm/amdkfd: Update MQD management on multi XCC setup\")\nbut not assigned for gfx11. Fixes a NULL dereference in debugfs."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T11:37:08.116Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/399b73d6b7720a9eae68a333193b53ed4f432fe5"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9dca969b2426702a73719ab9207e43c6d80b581"
        }
      ],
      "title": "drm/amdkfd: Add missing gfx11 MQD manager callbacks",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54261",
    "datePublished": "2025-12-30T12:15:54.870Z",
    "dateReserved": "2025-12-30T12:06:44.516Z",
    "dateUpdated": "2026-01-05T11:37:08.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}