CVSS: 5.5 | EPSS: 0% | CPEs: 6 | EXPL: 0
CVE-2023-53242 – thermal/drivers/hisi: Drop second sensor hi3660
https://notcve.org/view.php?id=CVE-2023-53242
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm allocators") exposes a panic "BRK handler: Fatal exception" on the hi3660_thermal_probe function. This is because the function allocates memory for only one sensors array entry, but tries to fill up a second one. Fix this by removing the unneeded second access. • https://git.kernel.org/stable/c/7d3a2a2bbadb4bf5856ed394ba09b8fbb7a80460 •
CVSS: 5.5 | EPSS: 0% | CPEs: 5 | EXPL: 0
CVE-2023-53241 – nfsd: call op_release, even when op_func returns an error
https://notcve.org/view.php?id=CVE-2023-53241
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: call op_release, even when op_func returns an error For ops with "trivial" replies, nfsd4_encode_operation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is calling op_release. This could cause a memory leak in the layoutget codepath if there is an error at an inopportune time. Have the compound processing engine always call op_release, even when op_func sets an error in ... • https://git.kernel.org/stable/c/34b1744c91ccd44811005822106945fa80ecbff2 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5 | EPSS: 0% | CPEs: 6 | EXPL: 0
CVE-2023-53239 – drm/msm/mdp5: Add check for kzalloc
https://notcve.org/view.php?id=CVE-2023-53239
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Add check for kzalloc As kzalloc may fail and return NULL pointer, it should be better to check the return value in order to avoid the NULL pointer dereference. Patchwork: https://patchwork.freedesktop.org/patch/514154/ • https://git.kernel.org/stable/c/1cff7440a86e04a613665803b42034c467f035fa • CWE-476: NULL Pointer Dereference •
CVSS: 7.1 | EPSS: 0% | CPEs: 7 | EXPL: 0
CVE-2023-53238 – phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
https://notcve.org/view.php?id=CVE-2023-53238
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In the for loop, 'i' is used as the index for array 'priv->ports[]' with a check (i > INNO_PHY_PORT_NUM) which indicates that INNO_PHY_PORT_NUM is allowed value for 'i' in the same loop. This > comparison needs to be changed to >=, otherwise it potentially leads to an out of bounds write on the next iteration through t... • https://git.kernel.org/stable/c/ba8b0ee81fbbc249e60f84bf097bd56e8047c742 • CWE-125: Out-of-bounds Read •
CVSS: 5.5 | EPSS: 0% | CPEs: 9 | EXPL: 0
CVE-2023-53234 – watchdog: Fix kmemleak in watchdog_cdev_register
https://notcve.org/view.php?id=CVE-2023-53234
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix kmemleak in watchdog_cdev_register kmemleak reports memory leaks in watchdog_dev_register, as follows: unreferenced object 0xffff888116233000 (size 2048): comm "modprobe", pid 28147, jiffies 4353426116 (age 61.741s) hex dump (first 32 bytes): 80 fa b9 05 81 88 ff ff 08 30 23 16 81 88 ff ff .........0#..... 08 30 23 16 81 88 ff ff 00 00 00 00 00 00 00 00 .0#............. backtrace: [<000000007f001ffd>] __kmem_cache_alloc_node... • https://git.kernel.org/stable/c/450caf1faa0d7bbbd1da93d3ee8c5edea7bc51a8 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5 | EPSS: 0% | CPEs: 5 | EXPL: 0
CVE-2023-53233 – net/smc: fix deadlock triggered by cancel_delayed_work_syn()
https://notcve.org/view.php?id=CVE-2023-53233
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: net/smc: fix deadlock triggered by cancel_delayed_work_syn() The following LOCKDEP was detected: Workqueue: events smc_lgr_free_work [smc] WARNING: possible circular locking dependency detected 6.1.0-20221027.rc2.git8.56bc5b569087.300.fc36.s390x+debug #1 Not tainted ------------------------------------------------------ kworker/3:0/176251 is trying to acquire lock: 00000000f1467148 ((wq_completion)smc_tx_wq-00000000#2){+.+.}-{0:0}, at: __fl... • https://git.kernel.org/stable/c/a52bcc919b14c9d78f03b2b4ff604e5ca69c7e6d • CWE-667: Improper Locking •
CVSS: 7.1 | EPSS: 0% | CPEs: 2 | EXPL: 0
CVE-2023-53231 – erofs: Fix detection of atomic context
https://notcve.org/view.php?id=CVE-2023-53231
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as z_erofs_decompressqueue_endio can be called under rcu lock from blk_mq_flush_plug_list(). See the stacktrace [1] In such case we should hand off the decompression work for async processing rather than trying to do sync decompression in current context. Patch fixes the detection by checking for rcu_read_lock_any_held() and while at it use more approp... • https://git.kernel.org/stable/c/aea1286dcbbb87cf33595c2ac8b153c29a4611cb •
CVSS: 7.3 | EPSS: 0% | CPEs: 8 | EXPL: 0
CVE-2023-53229 – wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
https://notcve.org/view.php?id=CVE-2023-53229
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta Avoid potential data corruption issues caused by uninitialized driver private data structures. This update provides the initi... • https://git.kernel.org/stable/c/6a9d1b91f34df1935bc0ad98114801a44db0f98c • CWE-908: Use of Uninitialized Resource •
CVSS: 8.4 | EPSS: 0% | CPEs: 9 | EXPL: 0
CVE-2023-53226 – wifi: mwifiex: Fix OOB and integer underflow when rx packets
https://notcve.org/view.php?id=CVE-2023-53226
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet, mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet not out-of-bounds access the skb->data buffer. • https://git.kernel.org/stable/c/2dbaf751b1dec3a603130a475f94cc4d3f404362 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5 | EPSS: 0% | CPEs: 13 | EXPL: 0
CVE-2023-53225 – spi: imx: Don't skip cleanup in remove's error path
https://notcve.org/view.php?id=CVE-2023-53225
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: imx: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. This is never retried later and so this is a permanent leak. To fix this, only skip hardware disabling if waking the device fails. • https://git.kernel.org/stable/c/d593574aff0ab846136190b1729c151c736727ec • CWE-401: Missing Release of Memory after Effective Lifetime •
