CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53709 – ring-buffer: Handle race between rb_move_tail and rb_check_pages
https://notcve.org/view.php?id=CVE-2023-53709
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity check. That is, RB_FLAG of head_page is been updating, while at same time RB_FLAG was cleared when doing integrity check rb_check_pages(): rb_check_pages() rb_handle_head_page(): -------- -------- rb_head_page_deactivate() rb_head_page_set_normal() rb_head_page_activate() We do intergrity test of the list to check ... • https://git.kernel.org/stable/c/1039221cc2787dee51a7ffbf9b0e79d192dadf76 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53708 – ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects
https://notcve.org/view.php?id=CVE-2023-53708
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this. In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects whil... • https://git.kernel.org/stable/c/7b7964cd9db30bc84808a40d13a0633b4313f149 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53707 – drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1
https://notcve.org/view.php?id=CVE-2023-53707
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an ... • https://git.kernel.org/stable/c/9f55d300541cb5b435984d269087810581580b00 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53705 – ipv6: Fix out-of-bounds access in ipv6_find_tlv()
https://notcve.org/view.php?id=CVE-2023-53705
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE. In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte... • https://git.kernel.org/stable/c/c61a404325093250b676f40ad8f4dd00f3bcab5f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53704 – clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
https://notcve.org/view.php?id=CVE-2023-53704
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() Replace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc() which can automatically release the related memory when the device or driver is removed or unloaded to avoid potential memory leak. In this case, iounmap(anatop_base) in line 427,433 are removed as manual release is not required. Besides, referring to clk-imx8mq.c, check the return code of of_clk_add... • https://git.kernel.org/stable/c/9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53700 – media: max9286: Fix memleak in max9286_v4l2_register()
https://notcve.org/view.php?id=CVE-2023-53700
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register() There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) unreferenced object 0xffff88810defc400 (size 256): comm "python3", pid 278, jiffies 4294737563 (age 31.978s) hex dump (first 32 bytes): 28 06 a7 0a 81 88 ff ff 00 fe 22 12 81 88 ff ff (........."..... 10 c4 ef 0d 81 88 ff ff 10 c4 ef 0d 8... • https://git.kernel.org/stable/c/66d8c9d2422da21ed41f75c03ba0685987b65fe0 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53699 – riscv: move memblock_allow_resize() after linear mapping is ready
https://notcve.org/view.php?id=CVE-2023-53699
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: move memblock_allow_resize() after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through linear mapping to cover more memblock regions. So the resizing should not be allowed until linear mapping is ready. Note that there are memblock allocations when building linear mapping. This patch is similar to 24cc61d8cb5a ("arm64:... • https://git.kernel.org/stable/c/671f9a3e2e24cdeb2d2856abee7422f093e23e29 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53696 – scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
https://notcve.org/view.php?id=CVE-2023-53696
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age 42490.264s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000629261a8>] __vmalloc_node_range+0xe56/0x1110 [<000... • https://git.kernel.org/stable/c/a4239945b8ad112fb914d0605c8f6c5fd3330f61 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53695 – udf: Detect system inodes linked into directory hierarchy
https://notcve.org/view.php?id=CVE-2023-53695
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the filesystem and kernel confusion as noticed by syzbot fuzzed images. Refuse to access system inodes linked into directory hierarchy and vice versa. In the Linux kernel, the following vulnerability has been resolved: udf: Detect system i... • https://git.kernel.org/stable/c/1dc71eeb198a8daa17d0c995998a53b0b749a158 •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53693 – USB: gadget: Fix the memory leak in raw_gadget driver
https://notcve.org/view.php?id=CVE-2023-53693
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigger the dev_free() to be called. [ 268.905865][ T5067] raw-gadget.0 gadget.0: failed to queue event [ 268.912053][ T5067] udc dummy_udc.0: failed to start USB Raw Gadget: -12 [ 268.918885][ T5067] raw-gadget.0: probe of gadget.0 failed... • https://git.kernel.org/stable/c/68e6287ac61dc22513cd39f02b9ac1fef28513e4 •