CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53861 – ext4: correct grp validation in ext4_mb_good_group
https://notcve.org/view.php?id=CVE-2023-53861
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check. In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check. • https://git.kernel.org/stable/c/100c0ad6c04597fefeaaba2bb1827cc015d95067 •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53860 – dm: don't attempt to queue IO under RCU protection
https://notcve.org/view.php?id=CVE-2023-53860
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked REQ_NOWAIT, it's fine to attempt to submit that IO while under RCU read lock protection. This is not OK, as REQ_NOWAIT just means that we should not be sleeping waiting on other IO, it does not mean that we can't potentially schedule. A simple test case demonstrates this quite nicely: in... • https://git.kernel.org/stable/c/563a225c9fd207326c2a2af9d59b4097cb31ce70 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53859 – s390/idle: mark arch_cpu_idle() noinstr
https://notcve.org/view.php?id=CVE-2023-53859
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr linux-next commit ("cpuidle: tracing: Warn about !rcu_is_watching()") adds a new warning which hits on s390's arch_cpu_idle() function: RCU not on for: arch_cpu_idle+0x0/0x28 WARNING: CPU: 2 PID: 0 at include/linux/trace_recursion.h:162 arch_ftrace_ops_list_func+0x24c/0x258 Modules linked in: CPU: 2 PID: 0 Comm: swapper/2 Not tainted 6.2.0-rc6-next-20230202 #4 Hardware name: IBM 8561 T01 703 (z/VM 7.3... • https://git.kernel.org/stable/c/49aa49952116b8fd56bfb1e8c69bce179f49bece •
CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53858 – tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error
https://notcve.org/view.php?id=CVE-2023-53858
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. • https://git.kernel.org/stable/c/5f5a7a5578c5885201cf9c85856f023fe8b81765 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53857 – bpf: bpf_sk_storage: Fix invalid wait context lockdep report
https://notcve.org/view.php?id=CVE-2023-53857
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.137569] ============================= [ 27.138122] [ BUG: Invalid wait context ] [ 27.138650] 6.5.0-03980-gd11ae1b16b0a #247 Tainted: G O [ 27.139542] ----------------------------- [ 27.140106] test_progs/1729 is trying to lock: [ 27.140713] ffff8883ef047b88 (stock_lock){-.-.}-{3:3}, at: local_lock_acquire+0x9/0x130 [ 27.... • https://git.kernel.org/stable/c/b00fa38a9c1cba044a32a601b49a55a18ed719d1 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53856 – of: overlay: Call of_changeset_init() early
https://notcve.org/view.php?id=CVE-2023-53856
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call of_changeset_init() early When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state. However, of_overlay_apply() calls of_resolve_phandles() before init_overlay_changeset(). Hence if the overlay fails to apply due to an unresolved symbol, the overlay_changeset.cset.entries list is still uninitialized, and cleanup wi... • https://git.kernel.org/stable/c/f948d6d8b792bb90041edc12eac35faf83030994 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53855 – net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove
https://notcve.org/view.php?id=CVE-2023-53855
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2' > /sys/bus/pci/drivers/fsl_enetc/unbind mscc_felix 0000:00:00.5 swp0: left promiscuous mode sja1105 spi2.0: Link is Down DSA: tree 1 torn down mscc_felix 0000:00:00.5 swp2: left promiscuous mode sja1105 spi2.2: Link is Down DSA: tree... • https://git.kernel.org/stable/c/7c83a7c539abe9f980996063ac20532a7a7f6eb1 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53854 – ASoC: mediatek: mt8186: Fix use-after-free in driver remove path
https://notcve.org/view.php?id=CVE-2023-53854
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm or are using "roll your own" devm w/ devm_add_action_or_reset() you need to keep that in mind. The mt8186 audio driver didn't quite get this right. Specifically, in mt8186_init_clock() it called mt8186_audsys_clk_r... • https://git.kernel.org/stable/c/55b423d5623ccd6785429431c2cf5f3e073b73ba •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53853 – netlink: annotate accesses to nlk->cb_running
https://notcve.org/view.php?id=CVE-2023-53853
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk->cb_running Both netlink_recvmsg() and netlink_native_seq_show() read nlk->cb_running locklessly. Use READ_ONCE() there. Add corresponding WRITE_ONCE() to netlink_dump() and __netlink_dump_start() syzbot reported: BUG: KCSAN: data-race in __netlink_dump_start / netlink_recvmsg write to 0xffff88813ea4db59 of 1 bytes by task 28219 on cpu 0: __netlink_dump_start+0x3af/0x4d0 net/netlink/af_netlink.c:2399 netlin... • https://git.kernel.org/stable/c/16b304f3404f8e0243d5ee2b70b68767b7b59b2b •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53852 – nvme-core: fix memory leak in dhchap_secret_store
https://notcve.org/view.php?id=CVE-2023-53852
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "check", pid 22048, jiffies 4344316705 (age 92.199s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] ... • https://git.kernel.org/stable/c/f50fff73d620cd6e8f48bc58d4f1c944615a3fea •