CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53323 – ext2/dax: Fix ext2_setsize when len is page aligned
https://notcve.org/view.php?id=CVE-2023-53323
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2_setsize when len is page aligned PAGE_ALIGN(x) macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in dax_zero_range() function, that means the length gets passed as 0 to ->iomap_begin(). In ext2 it then calls ext2_get_blocks -> max_blocks as 0 and hits bug_on here in ext2_get_blocks(). BUG_ON(maxblocks == 0); Instead we should b... • https://git.kernel.org/stable/c/2aa3048e03d38d5358be2553d4b638c1a018498c • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53322 – scsi: qla2xxx: Wait for io return on terminate rport
https://notcve.org/view.php?id=CVE-2023-53322
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due to use after free. Current code allows terminate_rport_io to exit before making sure all IOs has returned. For FCP-2 device, IO's can hang on in HW because driver has not tear down the session in FW at first sign of cable pull. When dev_loss_tmo timer pops, terminate_rport_io is called and upper layer is about to free various resources. Terminate_rport_io trigger qla to d... • https://git.kernel.org/stable/c/715848ca6fffeb6362a50887d9c26245bd5dfba9 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53321 – wifi: mac80211_hwsim: drop short frames
https://notcve.org/view.php?id=CVE-2023-53321
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require the full 3-address header to avoid accessing invalid memory if shorter frames are passed in. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches... • https://git.kernel.org/stable/c/05d610af3e71a782fa28a1351b687da982d208ee • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53320 – scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()
https://notcve.org/view.php?id=CVE-2023-53320
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() The function mpi3mr_get_all_tgt_info() has four issues: 1) It calculates valid entry length in alltgt_info assuming the header part of the struct mpi3mr_device_map_info would equal to sizeof(u32). The correct size is sizeof(u64). 2) When it calculates the valid entry length kern_entrylen, it excludes one entry by subtracting 1 from num_devices. 3) It copies num_device by calling memcpy()... • https://git.kernel.org/stable/c/f5e6d5a343761081317c89d23489c93fbafc69ff • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-53318 – recordmcount: Fix memory leaks in the uwrite function
https://notcve.org/view.php?id=CVE-2023-53318
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: recordmcount: Fix memory leaks in the uwrite function Common realloc mistake: 'file_append' nulled but not freed upon failure • https://git.kernel.org/stable/c/a50bd43935586420fb75f4558369eb08566fac5e • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53317 – ext4: fix WARNING in mb_find_extent
https://notcve.org/view.php?id=CVE-2023-53317
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mb_find_extent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! EXT4-fs (loop0): orphan cleanup on readonly fs ------------[ cut here ]------------ WARNING: CPU: 1 PID: 5067 at fs/ext4/mballoc.c:1869 mb_find_extent+0x8a1/0xe30 Modules linked in: CPU: 1 PID: 5067 Comm: syz-executor307 Not tainted 6.2.0-rc1-syzkall... • https://git.kernel.org/stable/c/abcb2947c91130426539f209f7a473a67a1f6663 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53316 – drm/msm/dp: Free resources after unregistering them
https://notcve.org/view.php?id=CVE-2023-53316
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks through the submodules to unregister and clean things up. But if the unbind happens because the DP controller itself is being removed, all the memory for those submodules has just been freed. Change the order of these operations to avoid the many use-after-free that otherwise happens in this code path. Patchwork: https://patchwork.freedesktop.org/p... • https://git.kernel.org/stable/c/c943b4948b5848fc0e07f875edbd35a973879e22 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53315 – wifi: ath11k: Fix SKB corruption in REO destination ring
https://notcve.org/view.php?id=CVE-2023-53315
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled with value "0" from REO destination ring is received. This descriptor which is invalid causes the wrong SKB (SKB stored in the IDR lookup with buffer id "0") to be fetched which in turn causes SKB memory corruption issue and the same leads to crash after some time. Changed the start id for idr allocation to "1" a... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53314 – fbdev/ep93xx-fb: Do not assign to struct fb_info.dev
https://notcve.org/view.php?id=CVE-2023-53314
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fb_info.dev Do not assing the Linux device to struct fb_info.dev. The call to register_framebuffer() initializes the field to the fbdev device. Drivers should not override its value. Fixes a bug where the driver incorrectly decreases the hardware device's reference counter and leaks the fbdev device. v2: * add Fixes tag (Dan) This update provides the initial livepatch for this kernel update. This upd... • https://git.kernel.org/stable/c/88017bda96a5fd568a982b01546c8fb1782dda62 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53313 – md/raid10: fix wrong setting of max_corr_read_errors
https://notcve.org/view.php?id=CVE-2023-53313
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of max_corr_read_errors There is no input check when echo md/max_read_errors and overflow might occur. Add check of input number. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. • https://git.kernel.org/stable/c/1e50915fe0bbf7a46db0fa7e1e604d3fc95f057d •