CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2023-53134 – bnxt_en: Avoid order-5 memory allocation for TPA data
https://notcve.org/view.php?id=CVE-2023-53134
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the amount of memory we allocate is order-5 on systems using 4K pages. Memory allocation failure has been reported: NetworkManager: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), no... • https://git.kernel.org/stable/c/79632e9ba38671215fb193346ef6fb8db582744d •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2023-53133 – bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()
https://notcve.org/view.php?id=CVE-2023-53133
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup - CPU#3 stuck for 27s! [a.out:6149] CPU: 3 PID: 6149 Comm: a.out Kdump: loaded Not tainted 6.2.0+ #30 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 RIP: 0010:remove_wait_queue+0xb/0xc0 Code: 5e 41 5f c3 c... • https://git.kernel.org/stable/c/604326b41a6fb9b4a78b6179335decee0365cd8c •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2023-53132 – scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
https://notcve.org/view.php?id=CVE-2023-53132
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() Free mpi3mr_hba_port at .remove. • https://git.kernel.org/stable/c/42fc9fee116fc6a225a1f738adf86689d5c39d49 •
CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2023-53131 – SUNRPC: Fix a server shutdown leak
https://notcve.org/view.php?id=CVE-2023-53131
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up. • https://git.kernel.org/stable/c/ed6473ddc704a2005b9900ca08e236ebb2d8540a •
CVSS: 7.1EPSS: %CPEs: 1EXPL: 0CVE-2023-53130 – block: fix wrong mode for blkdev_put() from disk_scan_partitions()
https://notcve.org/view.php?id=CVE-2023-53130
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: block: fix wrong mode for blkdev_put() from disk_scan_partitions() If disk_scan_partitions() is called with 'FMODE_EXCL', blkdev_get_by_dev() will be called without 'FMODE_EXCL', however, follow blkdev_put() is still called with 'FMODE_EXCL', which will cause 'bd_holders' counter to leak. Fix the problem by using the right mode for blkdev_put(). In the Linux kernel, the following vulnerability has been resolved: block: fix wrong mode for bl... • https://git.kernel.org/stable/c/428913bce1e67ccb4dae317fd0332545bf8c9233 •
CVSS: 5.6EPSS: %CPEs: 1EXPL: 0CVE-2023-53129 – ext4: Fix deadlock during directory rename
https://notcve.org/view.php?id=CVE-2023-53129
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking i_rwsem while having transactions started as the proper lock ordering used by all directory handling operations is i_rwsem -> transaction start. Fix the lock ordering by moving the locking of the directory earlier in ext4_rename(). In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As loc... • https://git.kernel.org/stable/c/3c92792da8506a295afb6d032b4476e46f979725 •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2023-53128 – scsi: mpi3mr: Fix throttle_groups memory leak
https://notcve.org/view.php?id=CVE-2023-53128
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttle_groups memory leak Add a missing kfree(). • https://git.kernel.org/stable/c/f10af057325c251c0dfcba7f3e3b607634d0bb25 •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2023-53127 – scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
https://notcve.org/view.php?id=CVE-2023-53127
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix expander node leak in mpi3mr_remove() Add a missing resource clean up in .remove. • https://git.kernel.org/stable/c/e22bae30667a7e74ed057e00fb6e8c79e0738de3 •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2023-53126 – scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()
https://notcve.org/view.php?id=CVE-2023-53126
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove() Free mrioc->sas_hba.phy at .remove. • https://git.kernel.org/stable/c/42fc9fee116fc6a225a1f738adf86689d5c39d49 •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53125 – net: usb: smsc75xx: Limit packet length to skb->len
https://notcve.org/view.php?id=CVE-2023-53125
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network stack will leak kernel memory contents. In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socke... • https://git.kernel.org/stable/c/d0cad871703b898a442e4049c532ec39168e5b57 •