CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53642 – x86: fix clear_user_rep_good() exception handling annotation
https://notcve.org/view.php?id=CVE-2023-53642
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: x86: fix clear_user_rep_good() exception handling annotation This code no longer exists in mainline, because it was removed in commit d2c95f9d6802 ("x86: don't use REP_GOOD or ERMS for user memory clearing") upstream. However, rather than backport the full range of x86 memory clearing and copying cleanups, fix the exception table annotation placement for the final 'rep movsb' in clear_user_rep_good(): rather than pointing at the actual inst... • https://git.kernel.org/stable/c/0db7058e8e23e6bbab1b4747ecabd1784c34f50b •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53641 – wifi: ath9k: hif_usb: fix memory leak of remain_skbs
https://notcve.org/view.php?id=CVE-2023-53641
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of remain_skbs hif_dev->remain_skb is allocated and used exclusively in ath9k_hif_usb_rx_stream(). It is implied that an allocated remain_skb is processed and subsequently freed (in error paths) only during the next call of ath9k_hif_usb_rx_stream(). So, if the urbs are deallocated between those two calls due to the device deinitialization or suspend, it is possible that ath9k_hif_usb_rx_stream() is not... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53640 – ASoC: lpass: Fix for KASAN use_after_free out of bounds
https://notcve.org/view.php?id=CVE-2023-53640
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we get below Out of Bounds error. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue: BUG: KASAN: slab-out-of-bounds in regcache_flat_read+0x10c/0x110 Read of size 4 at addr ffffff8088fbf714 by task syz-executor.4/14144 CPU: 6 PID: 14144 Comm: syz-executor.4 Tainted: G W Hardware name: Qualcomm Technologies, Inc. sc7280 CRD ... • https://git.kernel.org/stable/c/c39667ddcfc516fee084e449179d54430a558298 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53639 – wifi: ath6kl: reduce WARN to dev_dbg() in callback
https://notcve.org/view.php?id=CVE-2023-53639
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN() hinders automated testing. Reducing severity. In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is corr... • https://git.kernel.org/stable/c/de2070fc4aa7c0205348010f500f5abce012e67b •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53637 – media: i2c: ov772x: Fix memleak in ov772x_probe()
https://notcve.org/view.php?id=CVE-2023-53637
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772x_probe() A memory leak was reported when testing ov772x with bpf mock device: AssertionError: unreferenced object 0xffff888109afa7a8 (size 8): comm "python3", pid 279, jiffies 4294805921 (age 20.681s) hex dump (first 8 bytes): 80 22 88 15 81 88 ff ff ."...... backtrace: [<000000009990b438>] __kmalloc_node+0x44/0x1b0 [<000000009e32f7d7>] kvmalloc_node+0x34/0x180 [<00000000faf48134>] v4l2_ctrl_handler_... • https://git.kernel.org/stable/c/1112babde21483d86ed3fbad1320b0ddf9ab2ece •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53636 – clk: microchip: fix potential UAF in auxdev release callback
https://notcve.org/view.php?id=CVE-2023-53636
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab ("peci: cpu: Fix use-after-free in adev_release()"), the auxiliary device is not torn down in the correct order. If auxiliary_device_add() fails, the release callback will be called twice, resulting in a UAF. Due to timing, the auxdev code in this driver "took inspiration" from the aforementioned commit, and thus its bugs too! Moving auxiliary_device... • https://git.kernel.org/stable/c/b56bae2dd6fda6baf3bb74af3812676eebdd52f2 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53635 – netfilter: conntrack: fix wrong ct->timeout value
https://notcve.org/view.php?id=CVE-2023-53635
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct->timeout value (struct nf_conn)->timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by calling ctnetlink_change_timeout(). As a result, `nfct_time_stamp` was wrongly added to `ct->timeout` twice. - Get by calling ctnetlink_dump_timeout(). As a result, `nfct_time_stamp` was wrongly subtracted. • https://git.kernel.org/stable/c/a4b4766c3cebb4018167e06b863d8e95b7274757 • CWE-682: Incorrect Calculation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53634 – bpf, arm64: Fixed a BTI error on returning to patched function
https://notcve.org/view.php?id=CVE-2023-53634
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPF_TRAMP_F_CALL_ORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the instruction next to call site is usually PACIASP, in this case, it's safe to jump back with BLR. But when the call site is not followed by a PACIASP or bti, a BTI exception is triggered. Here is a fault log: Unhand... • https://git.kernel.org/stable/c/efc9909fdce00a827a37609628223cd45bf95d0b •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53631 – platform/x86: dell-sysman: Fix reference leak
https://notcve.org/view.php?id=CVE-2023-53631
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobject_put() to dispose the duplicate attribute in such a case. Compile-tested only. In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using kse... • https://git.kernel.org/stable/c/e8a60aa7404bfef37705da5607c97737073ac38d •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53629 – fs: dlm: fix use after free in midcomms commit
https://notcve.org/view.php?id=CVE-2023-53629
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the following KASAN use-after-free warning: [ 151.760477] ================================================================== [ 151.761803] BUG: KASAN: use-after-free in dlm_midcomms_commit_mhandle+0x19d/0x4b0 [ 151.763414] Read of size 4 at addr ffff88811a980c60 by task lock_torture/1347 [ 151.765284] CPU: 7 PID: 1347 Comm... • https://git.kernel.org/stable/c/489d8e559c6596eb08e16447d9830bc39afbe54e •