CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53567 – spi: qup: Don't skip cleanup in remove's error path
https://notcve.org/view.php?id=CVE-2023-53567
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried later and so this is a permanent leak. To fix this, only skip hardware disabling if waking the device fails. In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning... • https://git.kernel.org/stable/c/64ff247a978facc437d40f0c9b754675846a98f0 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53564 – ocfs2: fix defrag path triggering jbd2 ASSERT
https://notcve.org/view.php?id=CVE-2023-53564
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub-paths call jbd2_journal_restart + ocfs2_journal_dirty //crash by jbs2 ASSERT crash stacks: PID: 11297 TASK: ffff974a676dcd00 CPU: 67 COMMAND: "defragfs.ocfs2" #0 [ffffb25d8dad3900] machine_kexec at ffffffff8386fe01 #1 [ffffb25d8dad3958] __crash_kexec... • https://git.kernel.org/stable/c/5f43d34a51ed30e6a60f7e59d224a63014fe2cd5 •
CVSS: 9.7EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53559 – ip_vti: fix potential slab-use-after-free in decode_session6
https://notcve.org/view.php?id=CVE-2023-53559
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ip_vti device sends IPv6 packets. As commit f855691975bb ("xfrm6: Fix the nexthdr offset in _decode_session6.") showed, xfrm_decode_session was originally intended only for the receive path. IP6CB(skb)->nhoff is not set dur... • https://git.kernel.org/stable/c/f855691975bb06373a98711e4cfe2c224244b536 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53558 – rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
https://notcve.org/view.php?id=CVE-2023-53558
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() pr_info() is called with rtp->cbs_gbl_lock spin lock locked. Because pr_info() calls printk() that might sleep, this will result in BUG like below: [ 0.206455] cblist_init_generic: Setting adjustable number of callback queues. [ 0.206463] [ 0.206464] ============================= [ 0.206464] [ BUG: Invalid wait context ] [ 0.206465] 5.19.0-00428-g9de1f9c8ca51 #5 Not tainted ... • https://git.kernel.org/stable/c/9027d69221ff96e1356f070f7feb2ff989ae7388 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53556 – iavf: Fix use-after-free in free_netdev
https://notcve.org/view.php?id=CVE-2023-53556
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and leave invalid pointers at dev->napi_list. Reproducer: [root@host ~]# cat repro.sh #!/bin/bash pf_dbsf="0000:41:00.0" vf0_dbsf="0000:41:02.0" g_pids=() function do_set_numvf() { echo 2 >/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs sleep $((RANDOM%3+1)) echo 0 >/sys/bus/pc... • https://git.kernel.org/stable/c/5eae00c57f5e42bf201023471917da213c4946d6 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53548 – net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
https://notcve.org/view.php?id=CVE-2023-53548
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504 Modules linked in: CPU: 0 PID: 754 Comm: kworker/0:2 Not tainted 6.4.0-rc7-syzkaller-00014-g692b7dc87ca6 #0 Hardware name: Google Google Compute Engine/Google Compute Eng... • https://git.kernel.org/stable/c/a0715d04cf687a7e21f0d6ac8c1d479294a3f6f8 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53547 – drm/amdgpu: Fix sdma v4 sw fini error
https://notcve.org/view.php?id=CVE-2023-53547
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix sdma v4 sw fini error Fix sdma v4 sw fini error for sdma 4.2.2 to solve the following general protection fault [ +0.108196] general protection fault, probably for non-canonical address 0xd5e5a4ae79d24a32: 0000 [#1] PREEMPT SMP PTI [ +0.000018] RIP: 0010:free_fw_priv+0xd/0x70 [ +0.000022] Call Trace: [ +0.000012]
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53545 – drm/amdgpu: unmap and remove csa_va properly
https://notcve.org/view.php?id=CVE-2023-53545
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lockdep will complain. v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp (christian) [14616.936827] WARNING: CPU: 6 PID: 1711 at drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c:1762 amdgpu_vm_bo_del+0x399/0x3f0 [amdgpu] [14616.937096] Call Trace: [14616.937097]
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53544 – cpufreq: davinci: Fix clk use after free
https://notcve.org/view.php?id=CVE-2023-53544
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver(). If one of the cpufreq callbacks is called just before cpufreq_unregister_driver() is run, the freed clks might be used. In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driv... • https://git.kernel.org/stable/c/6601b8030de3e9c29930684eeac15302a59f991a •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53542 – ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
https://notcve.org/view.php?id=CVE-2023-53542
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back in 2016 wasn't used on Exynos5420, which caused a kernel panic. Add the proper compatible for it. In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back ... • https://git.kernel.org/stable/c/c075aa3467a799855a92289a3c619afc0a2ad193 •