CVSS: 6.6EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53847 – usb-storage: alauda: Fix uninit-value in alauda_check_media()
https://notcve.org/view.php?id=CVE-2023-53847
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_transport+0x462/0x57f0 drivers/usb/storage/alauda.c:1137 CPU: 0 PID: 12279 Comm: usb-storage Not tainted 5.3.0-rc7+ #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/d... • https://git.kernel.org/stable/c/e80b0fade09ef1ee67b0898d480d4c588f124d5f •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53846 – f2fs: fix to do sanity check on direct node in truncate_dnode()
https://notcve.org/view.php?id=CVE-2023-53846
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by task syz-executor148/5000 CPU: 1 PID: 5000 Comm: syz-executor148 Not tainted 6.4.0-rc7-syzkaller-00041-ge660abd551f1 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023 C... • https://git.kernel.org/stable/c/af0f716ad3b039cab9d426da63a5ee6c88751185 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53845 – nilfs2: fix infinite loop in nilfs_mdt_get_block()
https://notcve.org/view.php?id=CVE-2023-53845
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfs_mdt_get_block() If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfs_bmap_lookup_at_level() may return the same internal return code as -ENOENT, meaning the block does not exist in the metadata file. This duplication of return codes confuses nilfs_mdt_get_block(), causing it to read and create a metadata block indefinit... • https://git.kernel.org/stable/c/cfb0bb4fbd40c1f06da7e9f88c0a2d46155b90c2 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53844 – drm/ttm: Don't leak a resource on swapout move error
https://notcve.org/view.php?id=CVE-2023-53844
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. Fix. In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. Fix. • https://git.kernel.org/stable/c/bfa3357ef9abc9d56a2910222d2deeb9f15c91ff •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53843 – net: openvswitch: reject negative ifindex
https://notcve.org/view.php?id=CVE-2023-53843
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let syzbot surface a latent problem in ovs. ovs does not validate ifindex, making it possible to create netdev ports with negative ifindex values. It's easy to repro with YNL: $ ./cli.py --spec netlink/specs/ovs_datapath.yaml \ --do new \ --json '{"upcall-pid": 1... • https://git.kernel.org/stable/c/54c4ef34c4b6f9720fded620e2893894f9f2c554 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53842 – ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
https://notcve.org/view.php?id=CVE-2023-53842
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is specifically needed to allow probe deferrals of the sound card which otherwise fails when reprobing the codec component: snd-sc8280xp sound: ASoC: failed to instantiate card -517 genirq: Flags mismatch irq 299. 00002001 (mbhc sw intr) ... • https://git.kernel.org/stable/c/0e5c9e7ff899808afa4e2b08c2e6ccc469bed681 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53841 – devlink: report devlink_port_type_warn source device
https://notcve.org/view.php?id=CVE-2023-53841
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: devlink: report devlink_port_type_warn source device devlink_port_type_warn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device (driver) has no devlink port set. [ 3709.975552] Type was not set for devlink port. [ 3709.975579] WARNING: CPU: 1 PID: 13092 at net/devlink/leftover.c:6775 devlink_port_type_warn+0x11/0x20 [ 3709.993967] Modules linked in: openvswitch... • https://git.kernel.org/stable/c/970c7035f4b03c7be9f49c403ccf6fb0b70039a1 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53840 – usb: early: xhci-dbc: Fix a potential out-of-bound memory access
https://notcve.org/view.php?id=CVE-2023-53840
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is called. Reserve an extra byte, which will be zeroed automatically because 'buf' is a static variable, in order to avoid troubles, should it happen. In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: F... • https://git.kernel.org/stable/c/aeb9dd1de98c1a5f2007ea5d2a154c1244caf8a0 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53839 – dccp: fix data-race around dp->dccps_mss_cache
https://notcve.org/view.php?id=CVE-2023-53839
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp->dccps_mss_cache dccp_sendmsg() reads dp->dccps_mss_cache before locking the socket. Same thing in do_dccp_getsockopt(). Add READ_ONCE()/WRITE_ONCE() annotations, and change dccp_sendmsg() to check again dccps_mss_cache after socket is locked. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp->dccps_mss_cache dccp_sendmsg() reads dp->dccps_mss_cache before locking... • https://git.kernel.org/stable/c/7c657876b63cb1d8a2ec06f8fc6c37bb8412e66c •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53838 – f2fs: synchronize atomic write aborts
https://notcve.org/view.php?id=CVE-2023-53838
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime. In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic fil... • https://git.kernel.org/stable/c/3db1de0e582c358dd013f3703cd55b5fe4076436 •