
CVE-2023-53683 – fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
https://notcve.org/view.php?id=CVE-2023-53683
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() syzbot is hitting WARN_ON() in hfsplus_cat_{read,write}_inode(), for crafted filesystem image can contain bogus length. These conditions are not kernel bugs that can justify kernel to panic. • https://git.kernel.org/stable/c/61af77acd039ffd221bf7adf0dc95d0a4d377505 •

CVE-2023-53682 – hwmon: (xgene) Fix ioremap and memremap leak
https://notcve.org/view.php?id=CVE-2023-53682
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (xgene) Fix ioremap and memremap leak Smatch reports: drivers/hwmon/xgene-hwmon.c:757 xgene_hwmon_probe() warn: 'ctx->pcc_comm_addr' from ioremap() not released on line: 757. This is because in drivers/hwmon/xgene-hwmon.c:701 xgene_hwmon_probe(), ioremap and memremap is not released, which may cause a leak. To fix this, ioremap and memremap is modified to devm_ioremap and devm_memremap. [groeck: Fixed formatting and subject] • https://git.kernel.org/stable/c/9d482a09acd3d5f61a56aefc125d32c81994707b •

CVE-2023-53681 – bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
https://notcve.org/view.php?id=CVE-2023-53681
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer dereference in caller function like a calling chain: btree_split->bch_btree_node_alloc->__bch_btree_node_alloc. Fix it by initializing the return value in __bch_btree_node_alloc. • https://git.kernel.org/stable/c/cafe563591446cf80bfbc2fe3bc72a2e36cf1060 •

CVE-2023-53680 – NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
https://notcve.org/view.php?id=CVE-2023-53680
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL OPDESC() simply indexes into nfsd4_ops[] by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds opnum value. nfsd4_decode_compound() is not so careful, and can invoke OPDESC() with opnum set to OP_ILLEGAL, which is 10044 -- well beyond the end of nfsd4_ops[]. • https://git.kernel.org/stable/c/f4f9ef4a1b0a1ca80b152e28e176d69515bdf7e8 •

CVE-2023-53679 – wifi: mt7601u: fix an integer underflow
https://notcve.org/view.php?id=CVE-2023-53679
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601u_rx_skb_from_seg()'. The variable 'dma_len' in the URB packet could be manipulated, which could trigger an integer underflow of 'seg_len' in 'mt7601u_rx_process_seg()'. This underflow subsequently causes the 'bad_frame' checks in 'mt7601u_rx_skb_from_seg()' to be bypassed, eventually leading to a dereference of the pointer 'p... • https://git.kernel.org/stable/c/67e4519afba215199b6dfa39ce5d7ea673ee4138 •

CVE-2023-53678 – drm/i915: Fix system suspend without fbdev being initialized
https://notcve.org/view.php?id=CVE-2023-53678
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix system suspend without fbdev being initialized If fbdev is not initialized for some reason - in practice on platforms without display - suspending fbdev should be skipped during system suspend, fix this up. While at it add an assert that suspending fbdev only happens with the display present. This fixes the following: [ 91.227923] PM: suspend entry (s2idle) [ 91.254598] Filesystems sync: 0.025 seconds [ 91.270518] Freezing use... • https://git.kernel.org/stable/c/f8cc091e05305231c8f747ca253a90ff0cea60b9 •

CVE-2023-53677 – drm/i915: Fix memory leaks in i915 selftests
https://notcve.org/view.php?id=CVE-2023-53677
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix memory leaks in i915 selftests This patch fixes memory leaks on error escapes in function fake_get_pages (cherry picked from commit 8bfbdadce85c4c51689da10f39c805a7106d4567) • https://git.kernel.org/stable/c/c3bfba9a222550406082c92bbabc9c8b1355d8b8 •

CVE-2023-53676 – scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()
https://notcve.org/view.php?id=CVE-2023-53676
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundaries. • https://git.kernel.org/stable/c/df349e84c2cb0dd05d98c8e1189c26ab4b116083 •

CVE-2023-53675 – scsi: ses: Fix possible desc_ptr out-of-bounds accesses
https://notcve.org/view.php?id=CVE-2023-53675
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible desc_ptr out-of-bounds accesses Sanitize possible desc_ptr out-of-bounds accesses in ses_enclosure_data_process(). • https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7 •

CVE-2023-53674 – clk: Fix memory leak in devm_clk_notifier_register()
https://notcve.org/view.php?id=CVE-2023-53674
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocated resource was leaked. Fix the issue by registering the resource through devres_add(). This issue was found with kmemleak on a Chromebook. • https://git.kernel.org/stable/c/6d30d50d037dfa092f9d5d1fffa348ab4abb7163 •