CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53446 – PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
https://notcve.org/view.php?id=CVE-2023-53446
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci_dev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM policy changes dereferenced it, resulting in a use-after-free warning from KASAN, e.g.: # echo 1 > /sys/bus/pci/devices/0000:03:00.0/remove # echo powersave > /sys/module/pcie_aspm/parameters/policy BUG: KASAN: sl... • https://git.kernel.org/stable/c/b5a0a9b59c8185aebcd9a717e2e6258b58c72c06 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53445 – net: qrtr: Fix a refcount bug in qrtr_recvmsg()
https://notcve.org/view.php?id=CVE-2023-53445
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtr_recvmsg() Syzbot reported a bug as following: refcount_t: addition on 0; use-after-free. ... RIP: 0010:refcount_warn_saturate+0x17c/0x1f0 lib/refcount.c:25 ... Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53443 – mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak
https://notcve.org/view.php?id=CVE-2023-53443
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get_sync() will increase the refcnt even when it returns an error. In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get... • https://git.kernel.org/stable/c/247fa1920deeb1064e36c0a34410f4d63503b3d4 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53441 – bpf: cpumap: Fix memory leak in cpu_map_update_elem
https://notcve.org/view.php?id=CVE-2023-53441
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 (size 192): comm "syz-executor.3", pid 17672, jiffies 4298118891 (age 9.906s) hex dump (first 32 bytes): 00 00 00 00 4a 19 00 00 80 ad e3 e4 fe ff c0 00 ....J........... 00 b2 d3 0c 01 00 11 ff 28 f5 8e 19 01 00 11 ff ........(....... backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53440 – nilfs2: fix sysfs interface lifetime
https://notcve.org/view.php?id=CVE-2023-53440
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading to null pointer dereferences, use-after-free, and lockdep warnings. Some of the sysfs attributes for nilfs2 per-filesystem instance refer to metadata file "cpfile", "sufile", or "dat", but nilfs_sysfs_create_device_group that creates those attributes is executed before the inodes for... • https://git.kernel.org/stable/c/dd70edbde2627f47df118d899de6bbb55abcfdbf • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53438 – x86/MCE: Always save CS register on AMD Zen IF Poison errors
https://notcve.org/view.php?id=CVE-2023-53438
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current AMD Zen-based systems do not guarantee a synchronous #MC is delivered for poison consumption errors. Therefore, MCG_STATUS[EIPV|RIPV] will not be set. However, the microarchitecture does guarantee that the exception is delivered within the same context. In other words, the exact rIP is not known, but the context is known to not have chan... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-53437 – media: uvcvideo: Handle cameras with invalid descriptors
https://notcve.org/view.php?id=CVE-2023-53437
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/6d30cf81ee3c0368175f76c03120af5d81e0c639 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53436 – scsi: snic: Fix possible memory leak if device_add() fails
https://notcve.org/view.php?id=CVE-2023-53436
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanp(). In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if... • https://git.kernel.org/stable/c/c8806b6c9e824f47726f2a9b7fbbe7ebf19306fa • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53435 – cassini: Fix a memory leak in the error handling path of cas_init_one()
https://notcve.org/view.php?id=CVE-2023-53435
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of cas_init_one() cas_saturn_firmware_init() allocates some memory using vmalloc(). This memory is freed in the .remove() function but not it the error handling path of the probe. Add the missing vfree() to avoid a memory leak, should an error occur. In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of cas_init_one()... • https://git.kernel.org/stable/c/fcaa40669cd798ca2ac0d15441e8a1d1145f2b16 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-53433 – net: add vlan_get_protocol_and_depth() helper
https://notcve.org/view.php?id=CVE-2023-53433
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: net: add vlan_get_protocol_and_depth() helper Before blamed commit, pskb_may_pull() was used instead of skb_header_pointer() in __vlan_get_protocol() and friends. Few callers depended on skb->head being populated with MAC header, syzbot caught one of them (skb_mac_gso_segment()) Add vlan_get_protocol_and_depth() to make the intent clearer and use it where sensible. This is a more generic fix than commit e9d3f80935b6 ("net/af_packet: make su... • https://git.kernel.org/stable/c/30d015f5ecd9ce5706ad18a4a0649f364e3e6f7b • CWE-125: Out-of-bounds Read •