CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53101 – ext4: zero i_disksize when initializing the bootloader inode
https://notcve.org/view.php?id=CVE-2023-53101
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: zero i_disksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4_IOC_SWAP_BOOT inode will initialize it, including setting the i_size to 0. However, if the "never before used" boot loader has a non-zero i_size, then i_disksize will be non-zero, and the inconsistency between i_size and i_disksize can trigger a kernel warning: WARNING: CPU: 0 PID: 2580 at fs/ext4/file.c:319 CPU: 0 PID:... • https://git.kernel.org/stable/c/d6c1447e483c05dbcfb3ff77ac04237a82070b8c •
CVSS: 6.6EPSS: %CPEs: 8EXPL: 0CVE-2023-53100 – ext4: fix WARNING in ext4_update_inline_data
https://notcve.org/view.php?id=CVE-2023-53100
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4_update_inline_data Syzbot found the following issue: EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" fscrypt: AES-256-XTS using implementation "xts-aes-aesni" ------------[ cut here ]------------ WARNING: CPU: 0 PID: 5071 at mm/page_alloc.c:5525 __alloc_pages+0x30a/0x560 mm/page_alloc.c:5525... • https://git.kernel.org/stable/c/c5aa102b433b1890e1ccaa40c06826c77dda1665 •
CVSS: 6.5EPSS: %CPEs: 5EXPL: 0CVE-2023-53098 – media: rc: gpio-ir-recv: add remove function
https://notcve.org/view.php?id=CVE-2023-53098
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: [ 19.463299] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 [ 19.472161] Mem abort info: [ 19.474985] ESR = 0x0000000096000004 [ 19.478754] EC = 0x25: DABT (current EL), IL = 32 bits [ 19.484081] SET = 0, FnV = 0 [ 19.4... • https://git.kernel.org/stable/c/a5c140d88a69eb43de2a030f1d7ff7b16bff3b1a •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2023-53097 – powerpc/iommu: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53097
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the ... • https://git.kernel.org/stable/c/e3a62a35f903fd8be5b44542fe3901ec45f16757 •
CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2023-53094 – tty: serial: fsl_lpuart: fix race on RX DMA shutdown
https://notcve.org/view.php?id=CVE-2023-53094
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown:
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53093 – tracing: Do not let histogram values have some modifiers
https://notcve.org/view.php?id=CVE-2023-53093
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram code was not prepared to handle these modifiers for histograms and caused a bug. Mark Rutland reported: # echo 'p:copy_to_user __arch_copy_to_user n=$arg2' >> /sys/kernel/tracing/kprobe_events # echo 'hist:keys=n:vals=... • https://git.kernel.org/stable/c/c6afad49d127f6d7c9957319f55173a2198b1ba8 •
CVSS: 7.8EPSS: %CPEs: 4EXPL: 0CVE-2023-53091 – ext4: update s_journal_inum if it changes after journal replay
https://notcve.org/view.php?id=CVE-2023-53091
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: update s_journal_inum if it changes after journal replay When mounting a crafted ext4 image, s_journal_inum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the journal through the old s_journal_inum. And the new s_journal_inum bypasses some of the checks in ext4_get_journal(), which may trigger a null pointer dereference problem. So if s_journal_inum changes after the j... • https://git.kernel.org/stable/c/499fef2030fb754c68b1c7cb3a799a3bc1d0d925 •
CVSS: 6.6EPSS: %CPEs: 7EXPL: 0CVE-2023-53090 – drm/amdkfd: Fix an illegal memory access
https://notcve.org/view.php?id=CVE-2023-53090
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated by alloc_event_waiters(), but the event field of the waiter structure is not initialized; When copy_from_user() fails in the kfd_wait_on_events() function, it will enter exception handling to release the previously allocated memory of the waiter structure; Due to the event field of the waiters structure being accessed i... • https://git.kernel.org/stable/c/5a3fb3b745af0ce46ec2e0c8e507bae45b937334 •
CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2023-53089 – ext4: fix task hung in ext4_xattr_delete_inode
https://notcve.org/view.php?id=CVE-2023-53089
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4_xattr_delete_inode Syzbot reported a hung task problem: ================================================================== INFO: task syz-executor232:5073 blocked for more than 143 seconds. Not tainted 6.2.0-rc2-syzkaller-00024-g512dee0c00ad #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-exec232 state:D stack:21024 pid:5073 ppid:5072 flags:0x00004004 Call Trace:
CVSS: 7.1EPSS: %CPEs: 10EXPL: 0CVE-2023-53081 – ocfs2: fix data corruption after failed write
https://notcve.org/view.php?id=CVE-2023-53081
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2_write_end_nolock() just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page writeback tries to write this page before write succeeds and expands i_size, page gets into inconsistent state where page dirty bit is clear but buffer dirty bits stay set resulting in page data never getting writt... • https://git.kernel.org/stable/c/7ed80e77c908cbaa686529a49f8ae0060c5caee7 •