CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53477 – ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
https://notcve.org/view.php?id=CVE-2023-53477
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation In function rt6_nlmsg_size(), the length of nexthop is calculated by multipling the nexthop length of fib6_info and the number of siblings. However if the fib6_info has no lwtunnel but the siblings have lwtunnels, the nexthop length is less than it should be, and it will trigger a warning in inet6_rt_notify() as follows: WARNING: CPU: 0 PID: 6082 at net/ipv6/route.c:6180 i... • https://git.kernel.org/stable/c/beb1afac518dec5a15dc92ba8f0ca016dcf457b4 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53476 – iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
https://notcve.org/view.php?id=CVE-2023-53476
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep". The problem is that "epcp" has been re-assigned so just testing "if (epcp->state == LISTEN) {" a second time is not sufficient. In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL derefe... • https://git.kernel.org/stable/c/116aeb8873712ea559d26b0d9d88147af5c88db5 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53475 – usb: xhci: tegra: fix sleep in atomic call
https://notcve.org/view.php?id=CVE-2023-53475
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: [ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229 [ 167.057872] Workqueue: events tegra_xusb_usb_phy_work [ 167.057954] Call trace: [ 167.057962] dump_backtrace+0x0/0x210 [ 167.057996] show_stack+0x30/0x50 [ 167.058020] dump_stack_lvl+0x64/0x84 [ 167.058065] dump_stack+0x14/0... • https://git.kernel.org/stable/c/f836e7843036fbf34320356e156cd4267fa5bfa2 •
CVSS: 6.6EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53474 – x86/MCE/AMD: Use an u64 for bank_map
https://notcve.org/view.php?id=CVE-2023-53474
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bank_map Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64"). However, the bank_map which contains a bitfield of which banks to initialize is of type unsigned int and that overflows when those bit numbers are >= 32, leading to UBSAN complaining correctly: UBSAN: shift-out-of-bounds in arch/x86/kernel/cpu/mce/amd.c:1365:38 shift exponent 32 is... • https://git.kernel.org/stable/c/a0bc32b3cacf194dc479b342f006203fd1e1941a •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53473 – ext4: improve error handling from ext4_dirhash()
https://notcve.org/view.php?id=CVE-2023-53473
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, casefolded file names, that function can most certainly fail today. So make sure the callers of ext4_dirhash() properly check for failures, and reflect the errors back up to their callers. In the Linux kernel, the following vulnerability ... • https://git.kernel.org/stable/c/b886ee3e778ec2ad43e276fd378ab492cf6819b7 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-53472 – pwm: lpc32xx: Remove handling of PWM channels
https://notcve.org/view.php?id=CVE-2023-53472
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm value is always 0. On basis of this fact simplify the code by removing operations with pwm->hwpwm, there is no controls which require channel number as input. Even though I wasn't aware at the time when I forward ported that patch, th... • https://git.kernel.org/stable/c/bb4de81eb940e7027f37a6fd3b7ddcb4403deb56 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53471 – drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras
https://notcve.org/view.php?id=CVE-2023-53471
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert. So in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_error_irq should be executed under such condition, otherwise, an amdgpu_irq_put calltrace will occur. [ 7283.170322] RIP: 0010:amdgpu_irq_put+0x45/0x70 [amdgpu] [ 7283.170964] RSP: 0018:ffff9a5fc3967d00 EFLAGS: 00010246 [ 7283.170967] RAX... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53470 – ionic: catch failure from devlink_alloc
https://notcve.org/view.php?id=CVE-2023-53470
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If devlink_alloc() fails and we try to use devlink_priv() on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will still fail, but at least it won't panic the kernel. In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If de... • https://git.kernel.org/stable/c/df69ba43217d3cf4215c83c0627ce98a26e56e7c • CWE-252: Unchecked Return Value •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53468 – ubifs: Fix memory leak in alloc_wbufs()
https://notcve.org/view.php?id=CVE-2023-53468
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297119604 (age 20.383s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53467 – wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie()
https://notcve.org/view.php?id=CVE-2023-53467
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie() Do `kfree_skb(new)` before `goto out` to prevent potential leak. • https://git.kernel.org/stable/c/895907779752606f6a4795abfc008509f8e38314 •