CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53286 – RDMA/mlx5: Return the firmware result upon destroying QP/RQ
https://notcve.org/view.php?id=CVE-2023-53286
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could lead to various problems since when upper layer isn't aware of the failure it continues its operation thinking that the related QP/RQ was successfully destroyed while it actually wasn't, which could lead to the belo... • https://git.kernel.org/stable/c/73311dd831858d797cf8ebe140654ed519b41c36 •
CVSS: 6.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53285 – ext4: add bounds checking in get_max_inline_xattr_value_size()
https://notcve.org/view.php?id=CVE-2023-53285
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in get_max_inline_xattr_value_size() Normally the extended attributes in the inode body would have been checked when the inode is first opened, but if someone is writing to the block device while the file system is mounted, it's possible for the inode table to get corrupted. Add bounds checking to avoid reading beyond the end of allocated memory if this happens. • https://git.kernel.org/stable/c/5a229d21b98d132673096710e8281ef522dab1d1 • CWE-125: Out-of-bounds Read •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53284 – drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()
https://notcve.org/view.php?id=CVE-2023-53284
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() Because of the possilble failure of devm_kzalloc(), dpu_wb_conn might be NULL and will cause null pointer dereference later. Therefore, it might be better to check it and directly return -ENOMEM. Patchwork: https://patchwork.freedesktop.org/patch/512277/ [DB: fixed typo in commit message] This update provides the initial livepatch for this kernel update. This updat... • https://git.kernel.org/stable/c/77b001acdcfeb892842caac49fb7f0d286b29c43 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53282 – scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
https://notcve.org/view.php?id=CVE-2023-53282
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: use-after-free read in lpfc_wr_object+0x235/0x310 [lpfc] Use-after-free read at 0x0000000000cf164d (in kfence-#111): lpfc_wr_object+0x235/0x310 [lpfc] lpfc_write_firmware.cold+0x206/0x30d [lpfc] lpfc_sli4_request_firmware_update+0xa6/0x100... • https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53281 – drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler()
https://notcve.org/view.php?id=CVE-2023-53281
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()") besides fixing the deadlock also modified _rtw_join_timeout_handler() to use spin_[un]lock_irq() instead of spin_[un]lock_bh(). _rtw_join_timeout_handler() calls rtw_do_join() which takes pmlmepriv->scanned_queue.lock using spin_[un]lock_bh(). This spin_unlock_bh() call re... • https://git.kernel.org/stable/c/ae60744d5fad840b9d056d35b4b652d95e755846 •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53280 – scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
https://notcve.org/view.php?id=CVE-2023-53280
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:37:00.1]-2121:5: Returning existing qpair of ffff8ae2c0513400 for idx=0 qla2xxx [0000:37:00.1]-700e:5: qla2x00_start_sp failed = 11 BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 [#1] SMP NO... • https://git.kernel.org/stable/c/5621b0dd74532c09965264c14958de3f85b498a6 • CWE-824: Access of Uninitialized Pointer •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53279 – misc: vmw_balloon: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53279
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: misc: vmw_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. • https://git.kernel.org/stable/c/b94b39bf3d545671f210a2257d18e33c8b874699 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53278 – ubifs: Fix memory leak in ubifs_sysfs_init()
https://notcve.org/view.php?id=CVE-2023-53278
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifs_sysfs_init() When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 (size 8): comm "insmod", pid 25265, jiffies 4295239702 (age 100.130s) hex dump (first 8 bytes): 75 62 69 66 73 00 ff ff ubifs... backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53277 – wifi: iwl3945: Add missing check for create_singlethread_workqueue
https://notcve.org/view.php?id=CVE-2023-53277
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference. This updat... • https://git.kernel.org/stable/c/b481de9ca074528fe8c429604e2777db8b89806a •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53276 – ubifs: Free memory for tmpfile name
https://notcve.org/view.php?id=CVE-2023-53276
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after the name has been copied to the directory entry inode, the memory is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'tmpfile' just opening a tmpfile: unr... • https://git.kernel.org/stable/c/8ad8c67a897e68426e85990ebfe0a7d1f71fc79f •