CVSS: 5.7EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53503 – ext4: allow ext4_get_group_info() to fail
https://notcve.org/view.php?id=CVE-2023-53503
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: allow ext4_get_group_info() to fail Previously, ext4_get_group_info() would treat an invalid group number as BUG(), since in theory it should never happen. However, if a malicious attaker (or fuzzer) modifies the superblock via the block device while it is the file system is mounted, it is possible for s_first_data_block to get set to a very large number. In that case, when calculating the block group of some block number (such as the... • https://git.kernel.org/stable/c/100c0ad6c04597fefeaaba2bb1827cc015d95067 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53500 – xfrm: fix slab-use-after-free in decode_session6
https://notcve.org/view.php?id=CVE-2023-53500
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decode_session6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when the xfrm device sends IPv6 packets. The stack information is as follows: BUG: KASAN: slab-use-after-free in decode_session6+0x103f/0x1890 Read of size 1 at addr ffff8881111458ef by task swapper/3/0 CPU: 3 PID: 0 Comm: swapper/3 Not t... • https://git.kernel.org/stable/c/f855691975bb06373a98711e4cfe2c224244b536 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53491 – start_kernel: Add __no_stack_protector function attribute
https://notcve.org/view.php?id=CVE-2023-53491
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: start_kernel: Add __no_stack_protector function attribute Back during the discussion of commit a9a3ed1eff36 ("x86: Fix early boot crash on gcc-10, third try") we discussed the need for a function attribute to control the omission of stack protectors on a per-function basis; at the time Clang had support for no_stack_protector but GCC did not. This was fixed in gcc-11. Now that the function attribute is available, let's start using it. Calle... • https://git.kernel.org/stable/c/25e73018b4093e0cfbcec5dc4a4bb86d0b69ed56 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53488 – IB/hfi1: Fix possible panic during hotplug remove
https://notcve.org/view.php?id=CVE-2023-53488
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work before freeing memory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may ru... • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50467 – scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID
https://notcve.org/view.php?id=CVE-2022-50467
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID An error case exit from lpfc_cmpl_ct_cmd_gft_id() results in a call to lpfc_nlp_put() with a null pointer to a nodelist structure. Changed lpfc_cmpl_ct_cmd_gft_id() to initialize nodelist pointer upon entry. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID An error case exit... • https://git.kernel.org/stable/c/04e7cd8c85636a329d1a6e5a269a7c8b6f71c41c • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50463 – powerpc/52xx: Fix a resource leak in an error handling path
https://notcve.org/view.php?id=CVE-2022-50463
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of mpc52xx_lpbfifo_probe() has a request_irq() that is not balanced by a corresponding free_irq(). Add the missing call, as already done in the remove function. In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of mpc52xx_lpbfifo_probe() has a request_irq() ... • https://git.kernel.org/stable/c/3c9059d79f5eea6b8b75ddac97693127c3c41db4 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50462 – MIPS: vpe-mt: fix possible memory leak while module exiting
https://notcve.org/view.php?id=CVE-2022-50462
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, it need be freed when module exiting, call put_device() to give up reference, so that it can be freed in kobject_cleanup() when the refcount hit to 0. The vpe_device is static, so remove kfree() from vpe_device_release(). In the Linux kernel, the fo... • https://git.kernel.org/stable/c/1fa5ae857bb14f6046205171d98506d8112dd74e •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50456 – btrfs: fix resolving backrefs for inline extent followed by prealloc
https://notcve.org/view.php?id=CVE-2022-50456
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in the non-inline region will result in add_all_parents reading the invalid offset field of the inline extent. If the inline extent item is placed in the leaf eb s.t. it is the first item, attempting to access the offset field will not onl... • https://git.kernel.org/stable/c/c59ee1528b3432ec9dca220567f7eb507820917a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-50449 – clk: samsung: Fix memory leak in _samsung_clk_register_pll()
https://notcve.org/view.php?id=CVE-2022-50449
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix memory leak in _samsung_clk_register_pll() If clk_register() fails, @pll->rate_table may have allocated memory by kmemdup(), so it needs to be freed, otherwise will cause memory leak issue, this patch fixes it. In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix memory leak in _samsung_clk_register_pll() If clk_register() fails, @pll->rate_table may have allocated memory by kmemdup(), so i... • https://git.kernel.org/stable/c/3ff6e0d8d64d594a551b5c4904e4b617bf7eee22 •
CVSS: 6.6EPSS: 0%CPEs: 7EXPL: 0CVE-2022-50445 – xfrm: Reinject transport-mode packets through workqueue
https://notcve.org/view.php?id=CVE-2022-50445
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [ns-tcpserver:48198] CPU: 0 PID: 48198 Comm: ns-tcpserver Kdump: loaded Not tainted 6.0.0-rc6+ #39 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--... • https://git.kernel.org/stable/c/acf568ee859f098279eadf551612f103afdacb4e •