CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2023-53104 – net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
https://notcve.org/view.php?id=CVE-2023-53104
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull Packet length check needs to be located after size and align_count calculation to prevent kernel panic in skb_pull() in case rx_cmd_a & RX_CMD_A_RED evaluates to true. In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull Packet length check needs to be located after ... • https://git.kernel.org/stable/c/43ffe6caccc7a1bb9d7442fbab521efbf6c1378c •
CVSS: 7.1EPSS: %CPEs: 4EXPL: 0CVE-2023-53103 – bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
https://notcve.org/view.php?id=CVE-2023-53103
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the error path when ether_setup() restores the bond device it also clears all flags. In my previous fix[2] I restored the IFF_MASTER flag, but I didn't consider the case that the bond device itself might also be a slav... • https://git.kernel.org/stable/c/7d5cd2ce5292b45e555de776cb9e72975a07460d •
CVSS: 7.1EPSS: %CPEs: 8EXPL: 0CVE-2023-53101 – ext4: zero i_disksize when initializing the bootloader inode
https://notcve.org/view.php?id=CVE-2023-53101
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: zero i_disksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4_IOC_SWAP_BOOT inode will initialize it, including setting the i_size to 0. However, if the "never before used" boot loader has a non-zero i_size, then i_disksize will be non-zero, and the inconsistency between i_size and i_disksize can trigger a kernel warning: WARNING: CPU: 0 PID: 2580 at fs/ext4/file.c:319 CPU: 0 PID:... • https://git.kernel.org/stable/c/d6c1447e483c05dbcfb3ff77ac04237a82070b8c •
CVSS: 6.6EPSS: %CPEs: 8EXPL: 0CVE-2023-53100 – ext4: fix WARNING in ext4_update_inline_data
https://notcve.org/view.php?id=CVE-2023-53100
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4_update_inline_data Syzbot found the following issue: EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" fscrypt: AES-256-XTS using implementation "xts-aes-aesni" ------------[ cut here ]------------ WARNING: CPU: 0 PID: 5071 at mm/page_alloc.c:5525 __alloc_pages+0x30a/0x560 mm/page_alloc.c:5525... • https://git.kernel.org/stable/c/c5aa102b433b1890e1ccaa40c06826c77dda1665 •
CVSS: 6.5EPSS: %CPEs: 5EXPL: 0CVE-2023-53098 – media: rc: gpio-ir-recv: add remove function
https://notcve.org/view.php?id=CVE-2023-53098
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: [ 19.463299] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 [ 19.472161] Mem abort info: [ 19.474985] ESR = 0x0000000096000004 [ 19.478754] EC = 0x25: DABT (current EL), IL = 32 bits [ 19.484081] SET = 0, FnV = 0 [ 19.4... • https://git.kernel.org/stable/c/a5c140d88a69eb43de2a030f1d7ff7b16bff3b1a •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2023-53097 – powerpc/iommu: fix memory leak with using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2023-53097
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once. In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the ... • https://git.kernel.org/stable/c/e3a62a35f903fd8be5b44542fe3901ec45f16757 •
CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2023-53094 – tty: serial: fsl_lpuart: fix race on RX DMA shutdown
https://notcve.org/view.php?id=CVE-2023-53094
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown:
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53093 – tracing: Do not let histogram values have some modifiers
https://notcve.org/view.php?id=CVE-2023-53093
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram code was not prepared to handle these modifiers for histograms and caused a bug. Mark Rutland reported: # echo 'p:copy_to_user __arch_copy_to_user n=$arg2' >> /sys/kernel/tracing/kprobe_events # echo 'hist:keys=n:vals=... • https://git.kernel.org/stable/c/c6afad49d127f6d7c9957319f55173a2198b1ba8 •
CVSS: 7.8EPSS: %CPEs: 4EXPL: 0CVE-2023-53091 – ext4: update s_journal_inum if it changes after journal replay
https://notcve.org/view.php?id=CVE-2023-53091
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: update s_journal_inum if it changes after journal replay When mounting a crafted ext4 image, s_journal_inum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the journal through the old s_journal_inum. And the new s_journal_inum bypasses some of the checks in ext4_get_journal(), which may trigger a null pointer dereference problem. So if s_journal_inum changes after the j... • https://git.kernel.org/stable/c/499fef2030fb754c68b1c7cb3a799a3bc1d0d925 •
CVSS: 6.6EPSS: %CPEs: 7EXPL: 0CVE-2023-53090 – drm/amdkfd: Fix an illegal memory access
https://notcve.org/view.php?id=CVE-2023-53090
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated by alloc_event_waiters(), but the event field of the waiter structure is not initialized; When copy_from_user() fails in the kfd_wait_on_events() function, it will enter exception handling to release the previously allocated memory of the waiter structure; Due to the event field of the waiters structure being accessed i... • https://git.kernel.org/stable/c/5a3fb3b745af0ce46ec2e0c8e507bae45b937334 •