CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53017 – Bluetooth: hci_sync: fix memory leak in hci_update_adv_data()
https://notcve.org/view.php?id=CVE-2023-53017
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() When hci_cmd_sync_queue() failed in hci_update_adv_data(), inst_ptr is not freed, which will cause memory leak, convert to use ERR_PTR/PTR_ERR to pass the instance to callback so no memory needs to be allocated. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() When hci_cmd_sync_queue() ... • https://git.kernel.org/stable/c/651cd3d65b0f76a2198fcf3a80ce5d53dd267717 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53016 – Bluetooth: Fix possible deadlock in rfcomm_sk_state_change
https://notcve.org/view.php?id=CVE-2023-53016
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. • https://git.kernel.org/stable/c/1804fdf6e494e5e2938c65d8391690b59bcff897 • CWE-667: Improper Locking •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53015 – HID: betop: check shape of output reports
https://notcve.org/view.php?id=CVE-2023-53015
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() expects 4 report fields. In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() exp... • https://git.kernel.org/stable/c/52cd7785f3cdd2724f4efb5b21dbc75d6f9ccef4 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53014 – dmaengine: tegra: Fix memory leak in terminate_all()
https://notcve.org/view.php?id=CVE-2023-53014
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra: Fix memory leak in terminate_all() Terminate vdesc when terminating an ongoing transfer. This will ensure that the vdesc is present in the desc_terminated list The descriptor will be freed later in desc_free_list(). ... A flaw was found ... • https://git.kernel.org/stable/c/ee17028009d49fffed8cc963455d33b1fd3f1d08 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53013 – ptdma: pt_core_execute_cmd() should use spinlock
https://notcve.org/view.php?id=CVE-2023-53013
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: ptdma: pt_core_execute_cmd() should use spinlock The interrupt handler (pt_core_irq_handler()) of the ptdma driver can be called from interrupt context. ... In the Linux kernel, the following vulnerability has been resolved: ptdma: pt_core_execute_cmd() should use spinlock The interrupt handler (pt_core_irq_handler()) of the ptdma driver can be called from interrupt context. • https://git.kernel.org/stable/c/fa5d823b16a9442d609617abeec31da8b6afa224 • CWE-667: Improper Locking •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53012 – thermal: core: call put_device() only after device_register() fails
https://notcve.org/view.php?id=CVE-2023-53012
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to device_register(). ... In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to device_register(). • https://git.kernel.org/stable/c/5139cbc0c6e4bf2fcffc9a7ed4350bf6985bc561 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53011 – net: stmmac: enable all safety features by default
https://notcve.org/view.php?id=CVE-2023-53011
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: enable all safety features by default In the original implementation of dwmac5 commit 8bf993a5877e ("net: stmmac: Add support for DWMAC5 and implement Safety Features") all safety features were enabled by default. In the Linux kernel, the following vulnerability has been resolved: net: stmmac: enable all safety features by default In the original implementation of dwmac5 commit 8bf993a5877e ("net: stmmac: Add supp... • https://git.kernel.org/stable/c/5ac712dcdfefb1a783384db85e0507d161e87812 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53010 – bnxt: Do not read past the end of test names
https://notcve.org/view.php?id=CVE-2023-53010
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic: detected buffer overflow in strnlen [...] ... In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset beyond the end of the first name, w... • https://git.kernel.org/stable/c/eb51365846bc418687af4c4f41b68b6e84cdd449 • CWE-125: Out-of-bounds Read •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53009 – drm/amdkfd: Add sync after creating vram bo
https://notcve.org/view.php?id=CVE-2023-53009
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. • https://git.kernel.org/stable/c/42de677f79999791bee4e21be318c32d90ab62c6 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53008 – cifs: fix potential memory leaks in session setup
https://notcve.org/view.php?id=CVE-2023-53008
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting. In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting. • https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b •