CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53759 – HID: hidraw: fix data race on device refcount
https://notcve.org/view.php?id=CVE-2023-53759
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidraw_open() function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently opening a device. The race is a regression introduced by commit 8590222e4b02 ("HID: hidraw: Replace hidraw device table mutex with a rwsem"). While minors_rwsem is intended to protect the hidraw_table itself, by in... • https://git.kernel.org/stable/c/8590222e4b021054a7167a4dd35b152a8ed7018e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53758 – spi: atmel-quadspi: Free resources even if runtime resume failed in .remove()
https://notcve.org/view.php?id=CVE-2023-53758
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit in atmel_qspi_remove() doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped register space (because devm_ioremap_resource() is undone). So using the remaining spi controller probably results in an oops. Instead unregister the controller unconditionally and only skip hardware access and clk ... • https://git.kernel.org/stable/c/4a2f83b7f78092a6d9e98fb5573d8f4b79c56336 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53757 – irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
https://notcve.org/view.php?id=CVE-2023-53757
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe of_irq_find_parent() returns a node pointer with refcount incremented, W... • https://git.kernel.org/stable/c/a68a63cb4dfc30e8a79b444aabc7747bb7621acf •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53756 – KVM: VMX: Fix crash due to uninitialized current_vmcs
https://notcve.org/view.php?id=CVE-2023-53756
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs_touch_msr_bitmap function uses current_vmcs per-cpu variable to mark that the msr bitmap was changed. vmx_vcpu_create() modifies the msr bitmap via vmx_disable_intercept_for_msr -> vmx_msr_bitmap_l01_changed which in the end calls this funct... • https://git.kernel.org/stable/c/ceef7d10dfb6284d512c499292e6daa35ea83f90 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53755 – dmaengine: ptdma: check for null desc before calling pt_cmd_callback
https://notcve.org/view.php?id=CVE-2023-53755
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the pt_issue_pending() function is mistakenly assuming that there will be at least one descriptor in the Submitted queue when the function is called. However, it is possible that both the Submitted and Issued queues could be empty, which ... • https://git.kernel.org/stable/c/6fa7e0e836e23e2c758ac3930b040c8abbbf8a6f •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53754 – scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
https://notcve.org/view.php?id=CVE-2023-53754
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns false, drbl_regs_memmap_p is not remapped. This passes a NULL pointer to iounmap(), which can trigger a WARN() on certain arches. When if_type equals six and pci_resource_start(pdev, PCI_64BIT_BAR4) returns true, drbl_regs_memmap_p may has been remapped and ctrl_regs_memmap_p is not remapped. This is a re... • https://git.kernel.org/stable/c/1351e69fc6db30e186295f1c9495d03cef6a01a2 •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53753 – drm/amd/display: fix mapping to non-allocated address
https://notcve.org/view.php?id=CVE-2023-53753
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. [How] Patch correct numbers of bounds for using. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio re... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53752 – net: deal with integer overflows in kmalloc_reserve()
https://notcve.org/view.php?id=CVE-2023-53752
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size); if (ptr) size = ksize(ptr); size = kmalloc_size_roundup(size); ptr = kmalloc(size); This allowed various crash as reported by syzbot [1] and Kyle Zeng. Problem is that if @size is bigger than 0x80000001, kmalloc_size_roundup(size) returns 2^32. kmalloc_reserve() uses a 32bit variable (obj_size), so 2^32 is truncated to 0. kmalloc(0) returns ZER... • https://git.kernel.org/stable/c/0dbc898f5917c5a3bec6be19d9f5469cbc351a7d •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53751 – cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
https://notcve.org/view.php?id=CVE-2023-53751
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential use-after-free bugs. In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many t... • https://git.kernel.org/stable/c/93d5cb517db39e8af8d1292f9e785e4983b7f708 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53750 – pinctrl: freescale: Fix a memory out of bounds when num_configs is 1
https://notcve.org/view.php?id=CVE-2023-53750
08 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when num_configs is 1 The config passed in by pad wakeup is 1, when num_configs is 1, Configuration [1] should not be fetched, which will be detected by KASAN as a memory out of bounds condition. Modify to get configs[1] when num_configs is 2. In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when num_configs is 1 The config passe... • https://git.kernel.org/stable/c/f60c9eac54af28d7b5651fe49944bfd5098550e6 •