
CVSS: - | EPSS: % | CPEs: 9 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in get_max_inline_xattr_value_size() Normally the extended attributes in the inode body would have been checked when the inode is first opened, but if someone is writing to the block device while the file system is mounted, it's possible for the inode table to get corrupted. Add bounds checking to avoid reading beyond the end of allocated memory if this happens. • https://git.kernel.org/stable/c/5a229d21b98d132673096710e8281ef522dab1d1 •

CVSS: - | EPSS: % | CPEs: 4 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: use-after-free read in lpfc_wr_object+0x235/0x310 [lpfc] Use-after-free read at 0x0000000000cf164d (in kfence-#111): lpfc_wr_object+0x235/0x310 [lpfc] lpfc_write_firmware.cold+0x206/0x30d [lpfc] lpfc_sli4_request_firmware_update+0xa6/0x100... • https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc •

CVSS: - | EPSS: % | CPEs: 4 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: misc: vmw_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. • https://git.kernel.org/stable/c/b94b39bf3d545671f210a2257d18e33c8b874699 •

CVSS: - | EPSS: % | CPEs: 7 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference. • https://git.kernel.org/stable/c/b481de9ca074528fe8c429604e2777db8b89806a •

CVSS: - | EPSS: % | CPEs: 9 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after the name has been copied to the directory entry inode, the memory is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'tmpfile' just opening a tmpfile: unr... • https://git.kernel.org/stable/c/8ad8c67a897e68426e85990ebfe0a7d1f71fc79f •

CVSS: - | EPSS: % | CPEs: 6 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when it is accessed. However, it is accessed without holding the lock when it is accessed in snd_hdac_regmap_sync(): if (codec->regmap) In my opinion, this may be a harmful race, because if codec->regmap is set to NULL right after the condition is checked, a null-pointer derefer... • https://git.kernel.org/stable/c/109f0aaa0b8838a88af9125b79579023539300a7 •

CVSS: - | EPSS: % | CPEs: 5 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in partially written case It is possible for i_disksize to exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len) // copied < len ext4_da_write_end | ext4_update_i_disksize | new_i_size = pos + copied; | WRITE_ONCE(EXT4_I(inode)->i_disksize, newsize) // update i_disksize | generic_write_end | copied = block_write_end(copied, len) // copied = 0 | ... • https://git.kernel.org/stable/c/64769240bd07f446f83660bb143bb609d8ab4910 •

CVSS: - | EPSS: % | CPEs: 8 | EXPL: 0

16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in crc32_body lib/crc32.c:111 [inline] BUG: KASAN: slab-out-of-bounds in crc32_le_generic lib/crc32.c:179 [inline] BUG: KASAN: slab-out-of-bounds in crc32_le_base+0x58c/0x626 lib/crc32.c:197 Read of size 4 at addr ffff88802bb36f00 by task ... • https://git.kernel.org/stable/c/801c135ce73d5df1caf3eca35b66a10824ae0707 •

CVSS: 5.5 | EPSS: % | CPEs: 6 | EXPL: 0

15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:hugetlbfs_parse_param+0x1dd/0x8e0 fs/hugetlbfs/inode.c:1380 [...] Call Trace: vfs_parse_fs_param fs/fs_context.c:148 [inline] vfs_parse_fs_param+0x1f9/0x3c0 fs/fs_context.c:129 vfs_parse_fs_str... • https://git.kernel.org/stable/c/fa71639873518e3587632ae58e25e4a96b57fa90 •

CVSS: 7.1 | EPSS: % | CPEs: 9 | EXPL: 0

15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most UBSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot is feeding rubbish into the bmap descriptor. • https://git.kernel.org/stable/c/f8d4d0bac603616e2fa4a3907e81ed13f8f3c380 •