CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2023-53134 – bnxt_en: Avoid order-5 memory allocation for TPA data
https://notcve.org/view.php?id=CVE-2023-53134
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the amount of memory we allocate is order-5 on systems using 4K pages. Memory allocation failure has been reported: NetworkManager: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), no... • https://git.kernel.org/stable/c/79632e9ba38671215fb193346ef6fb8db582744d •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2023-53133 – bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()
https://notcve.org/view.php?id=CVE-2023-53133
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup - CPU#3 stuck for 27s! [a.out:6149] CPU: 3 PID: 6149 Comm: a.out Kdump: loaded Not tainted 6.2.0+ #30 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 RIP: 0010:remove_wait_queue+0xb/0xc0 Code: 5e 41 5f c3 c... • https://git.kernel.org/stable/c/604326b41a6fb9b4a78b6179335decee0365cd8c •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2023-53131 – SUNRPC: Fix a server shutdown leak
https://notcve.org/view.php?id=CVE-2023-53131
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up. • https://git.kernel.org/stable/c/ed6473ddc704a2005b9900ca08e236ebb2d8540a •
CVSS: 7.1EPSS: %CPEs: 1EXPL: 0CVE-2023-53130 – block: fix wrong mode for blkdev_put() from disk_scan_partitions()
https://notcve.org/view.php?id=CVE-2023-53130
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: block: fix wrong mode for blkdev_put() from disk_scan_partitions() If disk_scan_partitions() is called with 'FMODE_EXCL', blkdev_get_by_dev() will be called without 'FMODE_EXCL', however, follow blkdev_put() is still called with 'FMODE_EXCL', which will cause 'bd_holders' counter to leak. Fix the problem by using the right mode for blkdev_put(). In the Linux kernel, the following vulnerability has been resolved: block: fix wrong mode for bl... • https://git.kernel.org/stable/c/428913bce1e67ccb4dae317fd0332545bf8c9233 •
CVSS: 5.6EPSS: %CPEs: 1EXPL: 0CVE-2023-53129 – ext4: Fix deadlock during directory rename
https://notcve.org/view.php?id=CVE-2023-53129
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking i_rwsem while having transactions started as the proper lock ordering used by all directory handling operations is i_rwsem -> transaction start. Fix the lock ordering by moving the locking of the directory earlier in ext4_rename(). In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As loc... • https://git.kernel.org/stable/c/3c92792da8506a295afb6d032b4476e46f979725 •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2023-53128 – scsi: mpi3mr: Fix throttle_groups memory leak
https://notcve.org/view.php?id=CVE-2023-53128
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttle_groups memory leak Add a missing kfree(). • https://git.kernel.org/stable/c/f10af057325c251c0dfcba7f3e3b607634d0bb25 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53125 – net: usb: smsc75xx: Limit packet length to skb->len
https://notcve.org/view.php?id=CVE-2023-53125
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network stack will leak kernel memory contents. In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socke... • https://git.kernel.org/stable/c/d0cad871703b898a442e4049c532ec39168e5b57 •
CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2023-53124 – scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
https://notcve.org/view.php?id=CVE-2023-53124
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access... • https://git.kernel.org/stable/c/d60000cb1195a464080b0efb4949daf7594e0020 •
CVSS: 7.1EPSS: %CPEs: 4EXPL: 0CVE-2023-53123 – PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
https://notcve.org/view.php?id=CVE-2023-53123
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device VFs may be removed and later re-added. In commit a50297cf8235 ("s390/pci: separate zbus creation from scanning") it was missed however that struct pci_bus and struct zpci_bus's resource list retained a reference to the PCI functions M... • https://git.kernel.org/stable/c/a50297cf8235b062bcdeaa8b1dad58e69d3e1b43 •
CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2023-53122 – RISC-V: fix taking the text_mutex twice during sifive errata patching
https://notcve.org/view.php?id=CVE-2023-53122
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: RISC-V: fix taking the text_mutex twice during sifive errata patching Chris pointed out that some bonehead, *cough* me *cough*, added two mutex_locks() to the SiFive errata patching. The second was meant to have been a mutex_unlock(). This results in errors such as Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030 Oops [#1] Modules linked in: CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-rc1-starlight-0007... • https://git.kernel.org/stable/c/bf89b7ee52af5a5944fa3539e86089f72475055b •