CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53296 – sctp: check send stream number after wait_for_sndbuf
https://notcve.org/view.php?id=CVE-2023-53296
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after wait_for_sndbuf This patch fixes a corner case where the asoc out stream count may change after wait_for_sndbuf. When the main thread in the client starts a connection, if its out stream count is set to N while the in stream count in the server is set to N - 2, another thread in the client keeps sending the msgs with stream number N - 1, and waits for sndbuf before processing INIT_ACK. However, after pro... • https://git.kernel.org/stable/c/5bbbbe32a43199c2b9ea5ea66fab6241c64beb51 • CWE-476: NULL Pointer Dereference •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53295 – udf: Do not update file length for failed writes to inline files
https://notcve.org/view.php?id=CVE-2023-53295
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline data to happen only if the write succeeds. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/5621f7a8139053d0c3c47fb68ee9f602139eb40a •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53294 – fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53294
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup() Syzbot reported a null-ptr-deref bug: ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) ntfs3: loop0: Mark volume as dirty due to NTFS errors general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] RIP: 0010:d_flags_for_inode fs/dca... • https://git.kernel.org/stable/c/4342306f0f0d5ff4315a204d315c1b51b914fca5 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53292 – blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
https://notcve.org/view.php?id=CVE-2023-53292
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none After grabbing q->sysfs_lock, q->elevator may become NULL because of elevator switch. Fix the NULL dereference on q->elevator by checking it with lock. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/3e977386521b71471e66ec2ba82efdfcc456adf2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53291 – rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
https://notcve.org/view.php?id=CVE-2023-53291
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale Running the 'kfree_rcu_test' test case [1] results in a splat [2]. The root cause is the kfree_scale_thread thread(s) continue running after unloading the rcuscale module. This commit fixes that isue by invoking kfree_scale_cleanup() from rcu_scale_cleanup() when removing the rcuscale module. [1] modprobe rcuscale kfree_rcu_test=1 // After some time rmmod rcuscale rmmo... • https://git.kernel.org/stable/c/e6e78b004fa7e0ab455d46d27f218bf6ce178a18 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53290 – samples/bpf: Fix fout leak in hbm's run_bpf_prog
https://notcve.org/view.php?id=CVE-2023-53290
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's run_bpf_prog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope. In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's run_bpf_prog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope. • https://git.kernel.org/stable/c/a1270fe95b74eb3195b107c494ed1f11b932a278 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53289 – media: bdisp: Add missing check for create_workqueue
https://notcve.org/view.php?id=CVE-2023-53289
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for create_workqueue Add the check for the return value of the create_workqueue in order to avoid NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for create_workqueue Add the check for the return value of the create_workqueue in order to avoid NULL pointer dereference. • https://git.kernel.org/stable/c/28ffeebbb7bdc0dd7899286b63f3c359d43d0a1a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53288 – drm/client: Fix memory leak in drm_client_modeset_probe
https://notcve.org/view.php?id=CVE-2023-53288
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm] drm_client_modeset_probe+0x944/0xf50 [drm] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] drm_client_register+0x169/0x240 [drm] ast_pci_probe+0x142/0x190 [as... • https://git.kernel.org/stable/c/5d580017bdb9b3e930b6009e467e5e1589f8ca8a • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53287 – usb: cdns3: Put the cdns set active part outside the spin lock
https://notcve.org/view.php?id=CVE-2023-53287
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume suppliers, put set active outside the spin lock, which is only used to protect the struct cdns data structure, otherwise the kernel will report the following warning: BUG: sleeping function called from invalid context at drivers/base/power/ru... • https://git.kernel.org/stable/c/7733f6c32e36ff9d7adadf40001039bf219b1cbe •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53286 – RDMA/mlx5: Return the firmware result upon destroying QP/RQ
https://notcve.org/view.php?id=CVE-2023-53286
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could lead to various problems since when upper layer isn't aware of the failure it continues its operation thinking that the related QP/RQ was successfully destroyed while it actually wasn't, which could lead to the belo... • https://git.kernel.org/stable/c/73311dd831858d797cf8ebe140654ed519b41c36 •