CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2023-53124 – scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
https://notcve.org/view.php?id=CVE-2023-53124
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access... • https://git.kernel.org/stable/c/d60000cb1195a464080b0efb4949daf7594e0020 •
CVSS: 7.1EPSS: %CPEs: 4EXPL: 0CVE-2023-53123 – PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
https://notcve.org/view.php?id=CVE-2023-53123
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device VFs may be removed and later re-added. In commit a50297cf8235 ("s390/pci: separate zbus creation from scanning") it was missed however that struct pci_bus and struct zpci_bus's resource list retained a reference to the PCI functions M... • https://git.kernel.org/stable/c/a50297cf8235b062bcdeaa8b1dad58e69d3e1b43 •
CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2023-53122 – RISC-V: fix taking the text_mutex twice during sifive errata patching
https://notcve.org/view.php?id=CVE-2023-53122
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: RISC-V: fix taking the text_mutex twice during sifive errata patching Chris pointed out that some bonehead, *cough* me *cough*, added two mutex_locks() to the SiFive errata patching. The second was meant to have been a mutex_unlock(). This results in errors such as Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030 Oops [#1] Modules linked in: CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-rc1-starlight-0007... • https://git.kernel.org/stable/c/bf89b7ee52af5a5944fa3539e86089f72475055b •
CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2023-53121 – tcp: tcp_make_synack() can be called from process context
https://notcve.org/view.php?id=CVE-2023-53121
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tcp: tcp_make_synack() can be called from process context tcp_rtx_synack() now could be called in process context as explained in 0a375c822497 ("tcp: tcp_rtx_synack() can be called from process context"). tcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU variables with preemption enabled. This causes the following BUG: BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464 caller is tcp_make_synack+... • https://git.kernel.org/stable/c/8336886f786fdacbc19b719c1f7ea91eb70706d4 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53120 – scsi: mpi3mr: Fix config page DMA memory leak
https://notcve.org/view.php?id=CVE-2023-53120
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix config page DMA memory leak A fix for: DMA-API: pci 0000:83:00.0: device driver has pending DMA allocations while released from device [count=1] • https://git.kernel.org/stable/c/32d457d5a2af9bf5ddbe28297eabf1fc93451665 •
CVSS: 7.2EPSS: %CPEs: 8EXPL: 0CVE-2023-53119 – nfc: pn533: initialize struct pn533_out_arg properly
https://notcve.org/view.php?id=CVE-2023-53119
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533_out_arg properly struct pn533_out_arg used as a temporary context for out_urb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533_out_complete() callback function. It causes the following failure: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000... • https://git.kernel.org/stable/c/35529d6b827eedb6bf7e81130e4b7e0aba9e58d2 •
CVSS: 7.1EPSS: %CPEs: 6EXPL: 0CVE-2023-53118 – scsi: core: Fix a procfs host directory removal regression
https://notcve.org/view.php?id=CVE-2023-53118
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsi_proc_hostdir_rm() decreases a reference counter and hence must only be called once per host that is removed. This change does not require a scsi_add_host_with_dma() change since scsi_add_host_with_dma() will return 0 (success) if scsi_proc_host_add() is called. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal re... • https://git.kernel.org/stable/c/891a3cba425cf483d96facca55aebd6ff1da4338 •
CVSS: 8.5EPSS: %CPEs: 8EXPL: 0CVE-2023-53117 – fs: prevent out-of-bounds array speculation when closing a file descriptor
https://notcve.org/view.php?id=CVE-2023-53117
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369 • https://git.kernel.org/stable/c/f31cd5da636682caea424fa1c22679016cbfc16b •
CVSS: 7.8EPSS: %CPEs: 8EXPL: 0CVE-2023-53116 – nvmet: avoid potential UAF in nvmet_req_complete()
https://notcve.org/view.php?id=CVE-2023-53116
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointer when percpu_ref_put() is called in nvmet_req_complete(). Avoid such problem by using a local variable to save the sq pointer before calling __nvmet_req_complete(), thus avoiding dereferencing the req point... • https://git.kernel.org/stable/c/a07b4970f464f13640e28e16dad6cfa33647cc99 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2023-53115 – scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()
https://notcve.org/view.php?id=CVE-2023-53115
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc() Don't allocate memory again when IOC is being reinitialized. • https://git.kernel.org/stable/c/fe6db615156573d3f6a37564b8a590cb03bbaf25 •