CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53026 – RDMA/core: Fix ib block iterator counter overflow
https://notcve.org/view.php?id=CVE-2023-53026
27 Mar 2025 — Backtrace: [ 192.374329] efa_reg_user_mr_dmabuf [ 192.376783] efa_register_mr [ 192.382579] pgsz_bitmap 0xfffff000 rounddown 0x80000000 [ 192.386423] pg_sz [0x80000000] umem_length[0xc0000000] [ 192.392657] start 0x0 length 0xc0000000 params.page_shift 31 params.page_num 3 [ 192.399559] hp_cnt[3], pages_in_hp[524288] [ 192.403690] umem->sgt_append.sgt.nents[1] [ 192.407905] number entries: [1], pg_bit: [31] [ 192.411397] biter->__sg_nents [1] biter->__sg [0000000008b0c5d8] [ 192.415601] biter->__sg_advance ... • https://git.kernel.org/stable/c/a808273a495c657e33281b181fd7fcc2bb28f662 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53024 – bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation
https://notcve.org/view.php?id=CVE-2023-53024
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, 2039f26f3aca ("bpf: Fix leakage due to insufficient speculative store bypass mitigation") inserts lfence instructions after 1) initializing a stack slot and 2) spilling a pointer to the stack. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass ... • https://git.kernel.org/stable/c/872968502114d68c21419cf7eb5ab97717e7b803 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53023 – net: nfc: Fix use-after-free in local_cleanup()
https://notcve.org/view.php?id=CVE-2023-53023
27 Mar 2025 — BUG: KASAN: use-after-free in kfree_skb() Call Trace: dump_stack_lvl (lib/dump_stack.c:106) print_address_description.constprop.0.cold (mm/kasan/report.c:306) kasan_check_range (mm/kasan/generic.c:189) kfree_skb (net/core/skbuff.c:955) local_cleanup (net/nfc/llcp_core.c:159) nfc_llcp_local_put.part.0 (net/nfc/llcp_core.c:172) nfc_llcp_local_put (net/nfc/llcp_core.c:181) llcp_sock_destruct (net/nfc/llcp_sock.c:959) __sk_destruct (net/core/sock.c:2133) sk_destruct (net/core/sock.c:2181) __sk_free (net/core/so... • https://git.kernel.org/stable/c/3536da06db0baa675f32de608c0a4c0f5ef0e9ff • CWE-416: Use After Free •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53022 – net: enetc: avoid deadlock in enetc_tx_onestep_tstamp()
https://notcve.org/view.php?id=CVE-2023-53022
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetc_tx_onestep_tstamp() This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-07010-ga9b9500ffaac-dirty #967 Not tainted -------------------------------- inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage. In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetc_tx_onestep_tstamp... • https://git.kernel.org/stable/c/7294380c5211687aa4d66166984b152ee84caf5f •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53021 – net/sched: sch_taprio: fix possible use-after-free
https://notcve.org/view.php?id=CVE-2023-53021
27 Mar 2025 — [1] BUG: KMSAN: uninit-value in queued_spin_trylock include/asm-generic/qspinlock.h:94 [inline] BUG: KMSAN: uninit-value in do_raw_spin_trylock include/linux/spinlock.h:191 [inline] BUG: KMSAN: uninit-value in __raw_spin_trylock include/linux/spinlock_api_smp.h:89 [inline] BUG: KMSAN: uninit-value in _raw_spin_trylock+0x92/0xa0 kernel/locking/spinlock.c:138 queued_spin_trylock include/asm-generic/qspinlock.h:94 [inline] do_raw_spin_trylock include/linux/spinlock.h:191 [inline] __raw_spi... • https://git.kernel.org/stable/c/5a781ccbd19e4664babcbe4b4ead7aa2b9283d22 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53020 – l2tp: close all race conditions in l2tp_tunnel_register()
https://notcve.org/view.php?id=CVE-2023-53020
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in l2tp_tunnel_register() is racy in several ways: 1. ... In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in l2tp_tunnel_register() is racy in several ways: 1. • https://git.kernel.org/stable/c/37159ef2c1ae1e696b24b260b241209a19f92c60 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53019 – net: mdio: validate parameter addr in mdiobus_get_phy()
https://notcve.org/view.php?id=CVE-2023-53019
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bounds access to array mdio_map. In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bounds access to array mdio_map. ... • https://git.kernel.org/stable/c/7f854420fbfe9d49afe2ffb1df052cfe8e215541 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53018 – Bluetooth: hci_conn: Fix memory leaks
https://notcve.org/view.php?id=CVE-2023-53018
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leaks When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the memory pointed by variable d is not freed, which will cause memory leak. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leaks When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the memory pointed by variable d is n... • https://git.kernel.org/stable/c/eca0ae4aea66914515e5e3098ea051b518ee5316 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53017 – Bluetooth: hci_sync: fix memory leak in hci_update_adv_data()
https://notcve.org/view.php?id=CVE-2023-53017
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() When hci_cmd_sync_queue() failed in hci_update_adv_data(), inst_ptr is not freed, which will cause memory leak, convert to use ERR_PTR/PTR_ERR to pass the instance to callback so no memory needs to be allocated. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix memory leak in hci_update_adv_data() When hci_cmd_sync_queue() ... • https://git.kernel.org/stable/c/651cd3d65b0f76a2198fcf3a80ce5d53dd267717 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53016 – Bluetooth: Fix possible deadlock in rfcomm_sk_state_change
https://notcve.org/view.php?id=CVE-2023-53016
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. • https://git.kernel.org/stable/c/1804fdf6e494e5e2938c65d8391690b59bcff897 • CWE-667: Improper Locking •