CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53454 – HID: multitouch: Correct devm device reference for hidinput input_dev name
https://notcve.org/view.php?id=CVE-2023-53454
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the l... • https://git.kernel.org/stable/c/c08d46aa805ba46d501f610c2448d07bea979780 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53453 – drm/radeon: free iio for atombios when driver shutdown
https://notcve.org/view.php?id=CVE-2023-53453
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: free iio for atombios when driver shutdown Fix below kmemleak when unload radeon driver: unreferenced object 0xffff9f8608ede200 (size 512): comm "systemd-udevd", pid 326, jiffies 4294682822 (age 716.338s) hex dump (first 32 bytes): 00 00 00 00 c4 aa ec aa 14 ab 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<0000000062fadebe>] kmem_cache_alloc_trace+0x2f1/0x500 [<0... • https://git.kernel.org/stable/c/cb109cedbba11c33473e6780c256d8442a9e4460 •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53452 – wifi: rtw89: fix potential race condition between napi_init and napi_enable
https://notcve.org/view.php?id=CVE-2023-53452
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napi_init and napi_enable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then, it hits BUG_ON(): kernel BUG at net/core/dev.c:6423! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 417 Comm: iwd Not tainted 6.2.7-slab-dirty #3 eb0f5a8a9d91 Hardware name: LENOVO 21DL/LNVNB161216, BIO... • https://git.kernel.org/stable/c/e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53451 – scsi: qla2xxx: Fix potential NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-53451
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer. This update provides the initial liv... • https://git.kernel.org/stable/c/02405f4023866ae91a611b5b85cb2e074ec2de5a • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53450 – ext4: remove a BUG_ON in ext4_mb_release_group_pa()
https://notcve.org/view.php?id=CVE-2023-53450
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release_group_pa() If a malicious fuzzer overwrites the ext4 superblock while it is mounted such that the s_first_data_block is set to a very large number, the calculation of the block group can underflow, and trigger a BUG_ON check. Change this to be an ext4_warning so that we don't crash the kernel. In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release... • https://git.kernel.org/stable/c/d5bf8f7fb3ee3d99d1303ceb54599ea0599a4a5b •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53449 – s390/dasd: Fix potential memleak in dasd_eckd_init()
https://notcve.org/view.php?id=CVE-2023-53449
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init() `dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it also needs to be freed before the error returns, just like the other cases in this function. In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init() `dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it also needs to be freed before the error ret... • https://git.kernel.org/stable/c/9e12e54c7a8f616190beffb0f7ce778a86aec175 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53448 – fbdev: imxfb: Removed unneeded release_mem_region
https://notcve.org/view.php?id=CVE-2023-53448
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, which could avoid resource leak or other unexpected issues. In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, wh... • https://git.kernel.org/stable/c/b083c22d51148f3d3028291343196471be5d9f36 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50443 – drm/rockchip: lvds: fix PM usage counter unbalance in poweron
https://notcve.org/view.php?id=CVE-2022-50443
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with the newest pm_runtime_resume_and_get to keep usage counter balanced. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_s... • https://git.kernel.org/stable/c/34cc0aa2545603560c79aaea3340d8ff3a71bd10 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-50442 – fs/ntfs3: Validate buffer length while parsing index
https://notcve.org/view.php?id=CVE-2022-50442
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indx_read is called when we have some NTFS directory operations that need more information from the index buffers. This adds a sanity check to make sure the returned index buffer length is legit, or we may have some out-of-bound memory accesses. [ 560.897595] BUG: KASAN: slab-out-of-bounds in hdr_find_e.isra.0+0x10c/0x320 [ 560.898321] Read of size 2 at addr ffff888009497238 by task exp/2... • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50441 – net/mlx5: Lag, fix failure to cancel delayed bond work
https://notcve.org/view.php?id=CVE-2022-50441
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work Commit 0d4e8ed139d8 ("net/mlx5: Lag, avoid lockdep warnings") accidentally removed a call to cancel delayed bond work thus it may cause queued delay to expire and fall on an already destroyed work queue. Fix by restoring the call cancel_delayed_work_sync() before destroying the workqueue. This prevents call trace such as this: [ 329.230417] BUG: kernel NULL pointer dereference, address:... • https://git.kernel.org/stable/c/ff24a802204620214afa75a5e64280f40015e399 •