CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53718 – ring-buffer: Do not swap cpu_buffer during resize process
https://notcve.org/view.php?id=CVE-2023-53718
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will result in oops. This issue can be easily reproduced using the following two scripts: /tmp # cat test1.sh //#! /bin/sh for i in `seq 0 100000` do echo 2000 > /sys/kernel/debug/tracing/buffer_size_kb sleep 0.5 echo... • https://git.kernel.org/stable/c/66a3b2a121386702663065d5c9e5a33c03d3f4a2 •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53715 – wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
https://notcve.org/view.php?id=CVE-2023-53715
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in binary all along, so use that and avoid the hexification. OpenBSD has been doing it like this from the beginning, so this should work on all chips. Also clear the structure before setting the PMK. • https://git.kernel.org/stable/c/1687845eb8f37360a9ee849a3587ab659b090773 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53714 – drm/stm: ltdc: fix late dereference check
https://notcve.org/view.php?id=CVE-2023-53714
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check 'crtc' (see line 1119) In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check I... • https://git.kernel.org/stable/c/340dba127bbed51e8425cd8e097aacfadd175462 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53712 – ARM: 9317/1: kexec: Make smp stop calls asynchronous
https://notcve.org/view.php?id=CVE-2023-53712
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on function calls from softirq context") this call should not be made synchronous with disabled interrupts: softdog: Initiating panic Kernel panic - not syncing: Software Watchdog Timer expired WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp... • https://git.kernel.org/stable/c/46870eea5496ff277e86187a49ac5a667cfe60c4 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53708 – ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects
https://notcve.org/view.php?id=CVE-2023-53708
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this. In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects whil... • https://git.kernel.org/stable/c/7b7964cd9db30bc84808a40d13a0633b4313f149 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53707 – drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1
https://notcve.org/view.php?id=CVE-2023-53707
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an ... • https://git.kernel.org/stable/c/9f55d300541cb5b435984d269087810581580b00 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53695 – udf: Detect system inodes linked into directory hierarchy
https://notcve.org/view.php?id=CVE-2023-53695
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the filesystem and kernel confusion as noticed by syzbot fuzzed images. Refuse to access system inodes linked into directory hierarchy and vice versa. In the Linux kernel, the following vulnerability has been resolved: udf: Detect system i... • https://git.kernel.org/stable/c/1dc71eeb198a8daa17d0c995998a53b0b749a158 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50582 – regulator: core: Prevent integer underflow
https://notcve.org/view.php?id=CVE-2022-50582
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining underflows and does not exit the loop as expected. As delay could be derived from DT and poll_enabled_time is defined in the driver this can easily happen. Use a signed iterator to make sure that the loop exits once the remaining time is negative. In the Linux kernel, the following vulnerability has been resolved: reg... • https://git.kernel.org/stable/c/b051d9bf98bd9cea312b228e264eb6542a9beb67 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50581 – hfs: fix OOB Read in __hfs_brec_find
https://notcve.org/view.php?id=CVE-2022-50581
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c:84 Read of size 1 at addr ffff88807eb62c4e by task kworker/u4:1/11 CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.0-rc6-syzkaller-00308-g644e9524388a #0 Workqueue: writeback wb_workfn (flush-7:0) Call Trace:
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50580 – blk-throttle: prevent overflow while calculating wait time
https://notcve.org/view.php?id=CVE-2022-50580
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u64_u64_div_u64() instead. In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit... • https://git.kernel.org/stable/c/19c010ae44f0ce52b5436080492a61a092ee0cf4 •