CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53403 – time/debug: Fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53403
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result... • https://git.kernel.org/stable/c/44511ab344c755d1f216bf421e92fbc2777e87fe • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53402 – kernel/printk/index.c: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53402
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfs_lookup() When calling debug... • https://git.kernel.org/stable/c/337015573718b161891a3473d25f59273f2e626b • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-50400 – staging: greybus: audio_helper: remove unused and wrong debugfs usage
https://notcve.org/view.php?id=CVE-2022-50400
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: greybus: audio_helper: remove unused and wrong debugfs usage In the greybus audio_helper code, the debugfs file for the dapm has the potential to be removed and memory will be leaked. There is also the very real potential for this code to remove ALL debugfs entries from the system, and it seems like this is what will really happen if this code ever runs. This all is very wrong as the greybus audio driver did not create this debugfs... • https://git.kernel.org/stable/c/510e340efe0cbd379cf1ff3490d088c3299749b1 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53401 – mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
https://notcve.org/view.php?id=CVE-2023-53401
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() KCSAN found an issue in obj_stock_flush_required(): stock->cached_objcg can be reset between the check and dereference: ================================================================== BUG: KCSAN: data-race in drain_all_stock / drain_obj_stock write to 0xffff888237c2a2f8 of 8 bytes by task 19625 on cpu 0: drain_obj_stock+0x408/0x4e0 mm/memcontrol.c:3306 refill_obj_stoc... • https://git.kernel.org/stable/c/bf4f059954dcb221384b2f784677e19a13cd4bdb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53400 – ALSA: hda: Fix Oops by 9.1 surround channel names
https://notcve.org/view.php?id=CVE-2023-53400
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names get_line_out_pfx() may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As a workaround, extend for the 9.1 channels and also fix the potential Oops by unifying the code paths accessing the same array with the proper size check. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix... • https://git.kernel.org/stable/c/247d85ee068610c50d66ee0cd3130e02c69f5f2e •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53399 – ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
https://notcve.org/view.php?id=CVE-2023-53399
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem() If share is , share->path is NULL and it cause NULL pointer dereference issue. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem() If share is , share->path is NULL and it cause NULL pointer dereference issue. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53397 – modpost: fix off by one in is_executable_section()
https://notcve.org/view.php?id=CVE-2023-53397
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in is_executable_section() The > comparison should be >= to prevent an out of bounds array access. In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in is_executable_section() The > comparison should be >= to prevent an out of bounds array access. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with... • https://git.kernel.org/stable/c/52dc0595d540155436d91811f929bdc8afd6a2a1 • CWE-125: Out-of-bounds Read CWE-193: Off-by-one Error •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53396 – ubifs: Fix memory leak in do_rename
https://notcve.org/view.php?id=CVE-2023-53396
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in do_rename If renaming a file in an encrypted directory, function fscrypt_setup_filename allocates memory for a file name. This name is never used, and before returning to the caller the memory for it is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'rename' that renames a file in an encrypted directory: unreferenced object 0xffff8881... • https://git.kernel.org/stable/c/c67bc98d1f0853bb196e9c48eab38b6f2ddab795 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53395 – ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer
https://notcve.org/view.php?id=CVE-2023-53395
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of no argument, AML_NO_OPERAND_RESOLVE flag is added to ASL Timer instruction opcode. When ASL timer instruction interpreted by ACPI interpreter, getting error. After adding AML_NO_OPERAND_RESOLVE flag to ASL Timer... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 • CWE-20: Improper Input Validation CWE-129: Improper Validation of Array Index •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53393 – RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device
https://notcve.org/view.php?id=CVE-2023-53393
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device Currently, when mlx5_ib_get_hw_stats() is used for device (port_num = 0), there is a special handling in order to use the correct counters, but, port_num is being passed down the stack without any change. Also, some functions assume that port_num >=1. As a result, the following oops can occur. BUG: unable to handle page fault for address: ffff89510294f1a8 #PF: supervisor write access ... • https://git.kernel.org/stable/c/aac4492ef23a176b6f1a41aadb99177eceb1fc06 • CWE-787: Out-of-bounds Write •