CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53562 – drm/msm: fix vram leak on bind errors
https://notcve.org/view.php?id=CVE-2023-53562
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix vram leak on bind errors Make sure to release the VRAM buffer also in a case a subcomponent fails to bind. Patchwork: https://patchwork.freedesktop.org/patch/525094/ In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix vram leak on bind errors Make sure to release the VRAM buffer also in a case a subcomponent fails to bind. Patchwork: https://patchwork.freedesktop.org/patch/525094/ • https://git.kernel.org/stable/c/d863f0c7b536288e2bd40cbc01c10465dd226b11 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53560 – tracing/histograms: Add histograms to hist_vars if they have referenced variables
https://notcve.org/view.php?id=CVE-2023-53560
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigger actions. In this case the newly added references will not have field variables. Not taking such referenced variables into consideration can result in a bug where it would be possible to remove hist trigger with ... • https://git.kernel.org/stable/c/067fe038e70f6e64960d26a79c4df5f1413d0f13 •
CVSS: 9.7EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53559 – ip_vti: fix potential slab-use-after-free in decode_session6
https://notcve.org/view.php?id=CVE-2023-53559
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ip_vti device sends IPv6 packets. As commit f855691975bb ("xfrm6: Fix the nexthdr offset in _decode_session6.") showed, xfrm_decode_session was originally intended only for the receive path. IP6CB(skb)->nhoff is not set dur... • https://git.kernel.org/stable/c/f855691975bb06373a98711e4cfe2c224244b536 • CWE-825: Expired Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53556 – iavf: Fix use-after-free in free_netdev
https://notcve.org/view.php?id=CVE-2023-53556
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and leave invalid pointers at dev->napi_list. Reproducer: [root@host ~]# cat repro.sh #!/bin/bash pf_dbsf="0000:41:00.0" vf0_dbsf="0000:41:02.0" g_pids=() function do_set_numvf() { echo 2 >/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs sleep $((RANDOM%3+1)) echo 0 >/sys/bus/pc... • https://git.kernel.org/stable/c/5eae00c57f5e42bf201023471917da213c4946d6 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53554 – staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
https://notcve.org/view.php?id=CVE-2023-53554
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption. In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that cou... • https://git.kernel.org/stable/c/b121d84882b97b8668be0b95e9ba50cfd01aa0f1 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53551 – usb: gadget: u_serial: Add null pointer check in gserial_resume
https://notcve.org/view.php?id=CVE-2023-53551
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport. And if a wakeup interrupt triggers afterwards, gserial_resume gets called, which will lead to accessing of gser->ioport and thus causing null pointer dereference.Add a null pointer check to prevent this. Added a static spinlock to prevent gser->ioport from becoming null after the newly added check. In th... • https://git.kernel.org/stable/c/aba3a8d01d623a5efef48ab8e78752d58d4c90c3 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53549 – netfilter: ipset: Rework long task execution when adding/deleting entries
https://notcve.org/view.php?id=CVE-2023-53549
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of time and can result in soft lockup errors. The patch 5f7b51bf09ba ("netfilter: ipset: Limit the maximal range of consecutive elements to add/delete") tried to fix it by limiting the max elements to process at all. However it was not enough, it is still possible that ... • https://git.kernel.org/stable/c/e62e62ea912a49f7230620f1bdc20410b943a44c • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53548 – net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
https://notcve.org/view.php?id=CVE-2023-53548
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504 Modules linked in: CPU: 0 PID: 754 Comm: kworker/0:2 Not tainted 6.4.0-rc7-syzkaller-00014-g692b7dc87ca6 #0 Hardware name: Google Google Compute Engine/Google Compute Eng... • https://git.kernel.org/stable/c/a0715d04cf687a7e21f0d6ac8c1d479294a3f6f8 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53546 – net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
https://notcve.org/view.php?id=CVE-2023-53546
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will cause memory leak. Move memory release after mlx5_cmd_exec. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory ... • https://git.kernel.org/stable/c/1d9186476e12c85dc81a0f01f5c614a9683af7f2 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53545 – drm/amdgpu: unmap and remove csa_va properly
https://notcve.org/view.php?id=CVE-2023-53545
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lockdep will complain. v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp (christian) [14616.936827] WARNING: CPU: 6 PID: 1711 at drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c:1762 amdgpu_vm_bo_del+0x399/0x3f0 [amdgpu] [14616.937096] Call Trace: [14616.937097]