CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52942 – cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask()
https://notcve.org/view.php?id=CVE-2023-52942
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask() It was found that the check to see if a partition could use up all the cpus from the parent cpuset in update_parent_subparts_cpumask() was incorrect. As a result, it is possible to leave parent with no effective cpu left even if there are tasks in the parent cpuset. This can lead to system panic as reported in [1]. Fix this probem by updating the check to fail the enabling t... • https://git.kernel.org/stable/c/f0af1bfc27b52a4d42510051154c61bd176a8f06 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52941 – can: isotp: split tx timer into transmission and timeout
https://notcve.org/view.php?id=CVE-2023-52941
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frames and the echo frames This led to larger txstate checks and potentially to a problem discovered by syzbot which enabled the panic_on_warn feature while testing. The former 'txtimer' function is split into 'txfrtimer... • https://git.kernel.org/stable/c/866337865f3747c68a3e7bb837611e39cec1ecd6 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52940 – mm: multi-gen LRU: fix crash during cgroup migration
https://notcve.org/view.php?id=CVE-2023-52940
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: multi-gen LRU: fix crash during cgroup migration lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. This isn't true for the following scenario: CPU 1 CPU 2 clone() cgroup_can_fork() cgroup_procs_write() cgroup_post_fork() task_lock() lru_gen_migrate_mm() task_unlock() task_lock() lru_gen_add_mm() task_unlock() And when the above happens, kernel crashes because of linked list corruption (mm_struct->lru_gen.list). In the ... • https://git.kernel.org/stable/c/bd74fdaea146029e4fa12c6de89adbe0779348a9 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52939 – mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()
https://notcve.org/view.php?id=CVE-2023-52939
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath() As commit 18365225f044 ("hwpoison, memcg: forcibly uncharge LRU pages"), hwpoison will forcibly uncharg a LRU hwpoisoned page, the folio_memcg could be NULl, then, mem_cgroup_track_foreign_dirty_slowpath() could occurs a NULL pointer dereference, let's do not record the foreign writebacks for folio memcg is null in mem_cgroup_track_foreign_dirty() to fix it. In the Lin... • https://git.kernel.org/stable/c/97b27821b4854ca744946dae32a3f2fd55bcd5bc •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52938 – usb: typec: ucsi: Don't attempt to resume the ports before they exist
https://notcve.org/view.php?id=CVE-2023-52938
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not yet registered. In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Don't attempt to resume the ports before they exist This will fix null pointer dereference that was caused by the driver attempting to resume ports that were not ... • https://git.kernel.org/stable/c/9222912924fcf56e2d166a503eddbdb5ffd2005f •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52937 – HV: hv_balloon: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-52937
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: HV: hv_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: HV: hv_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() th... • https://git.kernel.org/stable/c/d180e0a1be6cea2b7436fadbd1c96aecdf3c46c7 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52936 – kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-52936
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() When calling deb... • https://git.kernel.org/stable/c/066ecbf1a53eb0b92b10c8df7808666be6ea5681 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52935 – mm/khugepaged: fix ->anon_vma race
https://notcve.org/view.php?id=CVE-2023-52935
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anon_vma lock (if the VMA is associated with an anon_vma), and the mapping lock (if the VMA is associated with a mapping); and so to be able to remove page tables, we must hold all three of them. retract_page_tables() bails out if an ->anon_vma is at... • https://git.kernel.org/stable/c/f3f0e1d2150b2b99da2cbdfaad000089efe9bf30 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52934 – mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups
https://notcve.org/view.php?id=CVE-2023-52934
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups In commit 34488399fa08 ("mm/madvise: add file and shmem support to MADV_COLLAPSE") we make the following change to find_pmd_or_thp_or_none(): - if (!pmd_present(pmde)) - return SCAN_PMD_NULL; + if (pmd_none(pmde)) + return SCAN_PMD_NONE; This was for-use by MADV_COLLAPSE file/shmem codepaths, where MADV_COLLAPSE might identify a pte-mapped hugepage, only to have khugepaged race-in, free t... • https://git.kernel.org/stable/c/34488399fa08faaf664743fa54b271eb6f9e1321 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52933 – Squashfs: fix handling and sanity checking of xattr_ids count
https://notcve.org/view.php?id=CVE-2023-52933
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot [1] corrupted filesystem exposes two flaws in the handling and sanity checking of the xattr_ids count in the filesystem. Both of these flaws cause computation overflow due to incorrect typing. In the corrupted filesystem the xattr_ids value is 4294967071, which stored in a signed variable becomes the negative number -225. Flaw 1 (64-bit systems only): The signed integer ... • https://git.kernel.org/stable/c/ff49cace7b8cf00d27665f7536a863d406963d06 •