CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2023-53171 – vfio/type1: prevent underflow of locked_vm via exec()
https://notcve.org/view.php?id=CVE-2023-53171
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec() When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappings. If the user later unmaps a dma mapping, locked_vm underflows to a large unsigned value, and a subsequent dma map request fails with ENOMEM in __account_locked_vm. To avoid underflow, grab and save the mm at the time a dma is mapp... • https://git.kernel.org/stable/c/73fa0d10d077d9521ee2dace2307ae2c9a965336 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2023-53167 – tracing: Fix null pointer dereference in tracing_err_log_open()
https://notcve.org/view.php?id=CVE-2023-53167
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracing_err_log_open() Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which results in 'file->private_data' being left as null. If we then use 'lseek' on that opened file, 'seq_lseek' dereferences 'file->private_data' in 'mutex_lock(&m->lock)', resulting in a kernel panic. Writing to this node requires root priv... • https://git.kernel.org/stable/c/8a062902be725f647dc8da532b04d836546a369a •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53165 – udf: Fix uninitialized array access for some pathnames
https://notcve.org/view.php?id=CVE-2023-53165
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. The only practical impact is that the name may be prepended a "unification hash" when it is not actually needed but still it is good to fix this. In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitializ... • https://git.kernel.org/stable/c/008ae78d1e12efa904dc819b1ec83e2bca6b2c56 •
CVSS: 7.1EPSS: %CPEs: 6EXPL: 0CVE-2023-53164 – irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
https://notcve.org/view.php?id=CVE-2023-53164
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe of_irq_find_parent() returns a node pointer with refcount increm... • https://git.kernel.org/stable/c/cd844b0715ceda3287d1fa8e5d8e1b25a85c9b0f •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53153 – wifi: cfg80211: Fix use after free for wext
https://notcve.org/view.php?id=CVE-2023-53153
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on (re)connect and can hold data from a previous connection. Reset key data to avoid that drivers or mac80211 incorrectly detect a WEP connection request and access the freed or already reused memory. Additionally optimize cfg80211_sme_connect() and avoid an useless schedule of conn_work. In the Linux kernel, the following vulnerability has been resolve... • https://git.kernel.org/stable/c/fffd0934b9390f34bec45762192b7edd3b12b4b5 •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2023-53152 – drm/amdgpu: fix calltrace warning in amddrm_buddy_fini
https://notcve.org/view.php?id=CVE-2023-53152
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. [61811.450562] RIP: 0010:amddrm_buddy_fini.cold+0x29/0x47 [amddrm_buddy] [61811.450577] Call Trace: [61811.450577]
CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2023-53151 – md/raid10: prevent soft lockup while flush writes
https://notcve.org/view.php?id=CVE-2023-53151
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause soft lockup. Follow up soft lockup can be triggered easily with writeback test for raid10 with ramdisks: watchdog: BUG: soft lockup - CPU#10 stuck for 27s! [md0_raid10:1293] Call Trace:
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53150 – scsi: qla2xxx: Pointer may be dereferenced
https://notcve.org/view.php?id=CVE-2023-53150
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before dereferencing. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be de... • https://git.kernel.org/stable/c/005961bd8f066fe931104f67c34ebfcc7f240099 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53149 – ext4: avoid deadlock in fs reclaim with page writeback
https://notcve.org/view.php?id=CVE-2023-53149
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoid races with switching of journalled data flag or inode format. This lock can however cause a deadlock like: CPU0 CPU1 ext4_writepages() percpu_down_read(sbi->s_writepages_rwsem); ext4_change_inode_journal_flag() percpu_down_write(sbi->s_writepages_rwsem); - blocks, all readers block from now on ext4_do_writepages... • https://git.kernel.org/stable/c/c8585c6fcaf2011de54c3592e80a634a2b9e1a7f •
CVSS: 5.5EPSS: %CPEs: 8EXPL: 0CVE-2023-53148 – igb: Fix igb_down hung on surprise removal
https://notcve.org/view.php?id=CVE-2023-53148
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between the PC and the Thunderbolt hub. This is because the igb_down function is called multiple times when the Thunderbolt hub is unplugged. For example, the igb_io_error_detected triggers the first call, and the igb_remove triggers the secon... • https://git.kernel.org/stable/c/c2312e1d12b1c3ee4100c173131b102e2aed4d04 •