
CVE-2023-53293 – Bluetooth: btrtl: check for NULL in btrtl_set_quirks()
https://notcve.org/view.php?id=CVE-2023-53293
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_set_quirks() The btrtl_set_quirks() has accessed btrtl_dev->ic_info->lmp_subver since b8e482d02513. However, if installing a Realtek Bluetooth controller without the driver supported, it will hit the NULL point accessed. Add a check for NULL to avoid the Kernel Oops. • https://git.kernel.org/stable/c/ea160ece08668a30ce69f92cc08e87da54a64a9c •

CVE-2023-53292 – blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
https://notcve.org/view.php?id=CVE-2023-53292
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none After grabbing q->sysfs_lock, q->elevator may become NULL because of elevator switch. Fix the NULL dereference on q->elevator by checking it with lock. • https://git.kernel.org/stable/c/3e977386521b71471e66ec2ba82efdfcc456adf2 •

CVE-2023-53291 – rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
https://notcve.org/view.php?id=CVE-2023-53291
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale Running the 'kfree_rcu_test' test case [1] results in a splat [2]. The root cause is the kfree_scale_thread thread(s) continue running after unloading the rcuscale module. This commit fixes that issue by invoking kfree_scale_cleanup() from rcu_scale_cleanup() when removing the rcuscale module. [1] modprobe rcuscale kfree_rcu_test=1 // After some time rmmod rcuscale rmmo... • https://git.kernel.org/stable/c/e6e78b004fa7e0ab455d46d27f218bf6ce178a18 •

CVE-2023-53290 – samples/bpf: Fix fout leak in hbm's run_bpf_prog
https://notcve.org/view.php?id=CVE-2023-53290
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's run_bpf_prog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope. • https://git.kernel.org/stable/c/a7ec2f424f6edad34651137783a0a59eca9aa37e •

CVE-2023-53289 – media: bdisp: Add missing check for create_workqueue
https://notcve.org/view.php?id=CVE-2023-53289
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for create_workqueue Add the check for the return value of the create_workqueue in order to avoid NULL pointer dereference. • https://git.kernel.org/stable/c/28ffeebbb7bdc0dd7899286b63f3c359d43d0a1a •

CVE-2023-53288 – drm/client: Fix memory leak in drm_client_modeset_probe
https://notcve.org/view.php?id=CVE-2023-53288
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm] drm_client_modeset_probe+0x944/0xf50 [drm] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] drm_client_register+0x169/0x240 [drm] ast_pci_probe+0x142/0x190 [as... • https://git.kernel.org/stable/c/5d580017bdb9b3e930b6009e467e5e1589f8ca8a •

CVE-2023-53287 – usb: cdns3: Put the cdns set active part outside the spin lock
https://notcve.org/view.php?id=CVE-2023-53287
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume suppliers, put set active outside the spin lock, which is only used to protect the struct cdns data structure, otherwise the kernel will report the following warning: BUG: sleeping function called from invalid context at drivers/base/power/ru... • https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840 •

CVE-2023-53286 – RDMA/mlx5: Return the firmware result upon destroying QP/RQ
https://notcve.org/view.php?id=CVE-2023-53286
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could lead to various problems since when upper layer isn't aware of the failure it continues its operation thinking that the related QP/RQ was successfully destroyed while it actually wasn't, which could lead to the belo... • https://git.kernel.org/stable/c/73311dd831858d797cf8ebe140654ed519b41c36 •

CVE-2023-53285 – ext4: add bounds checking in get_max_inline_xattr_value_size()
https://notcve.org/view.php?id=CVE-2023-53285
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in get_max_inline_xattr_value_size() Normally the extended attributes in the inode body would have been checked when the inode is first opened, but if someone is writing to the block device while the file system is mounted, it's possible for the inode table to get corrupted. Add bounds checking to avoid reading beyond the end of allocated memory if this happens. • https://git.kernel.org/stable/c/5a229d21b98d132673096710e8281ef522dab1d1 •

CVE-2023-53284 – drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()
https://notcve.org/view.php?id=CVE-2023-53284
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() Because of the possible failure of devm_kzalloc(), dpu_wb_conn might be NULL and will cause null pointer dereference later. Therefore, it might be better to check it and directly return -ENOMEM. Patchwork: https://patchwork.freedesktop.org/patch/512277/ [DB: fixed typo in commit message] • https://git.kernel.org/stable/c/77b001acdcfeb892842caac49fb7f0d286b29c43 •