CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check 'crtc' (see line 1119) • https://git.kernel.org/stable/c/340dba127bbed51e8425cd8e097aacfadd175462 •

CVSS: 5.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on function calls from softirq context") this call should not be made synchronous with disabled interrupts: softdog: Initiating panic Kernel panic - not syncing: Software Watchdog Timer expired WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp... • https://git.kernel.org/stable/c/46870eea5496ff277e86187a49ac5a667cfe60c4 •

CVSS: 6.6 • EPSS: 0% • CPEs: 4 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this. • https://git.kernel.org/stable/c/7b7964cd9db30bc84808a40d13a0633b4313f149 •

CVSS: 7.1 • EPSS: 0% • CPEs: 3 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later. • https://git.kernel.org/stable/c/9f55d300541cb5b435984d269087810581580b00 •

CVSS: 7.8 • EPSS: 0% • CPEs: 8 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/c61a404325093250b676f40ad8f4dd00f3bcab5f • CWE-125: Out-of-bounds Read •

CVSS: 7.1 • EPSS: 0% • CPEs: 7 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the filesystem and kernel confusion as noticed by syzbot fuzzed images. Refuse to access system inodes linked into directory hierarchy and vice versa. • https://git.kernel.org/stable/c/1dc71eeb198a8daa17d0c995998a53b0b749a158 •

CVSS: 5.5 • EPSS: 0% • CPEs: 5 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining underflows and does not exit the loop as expected. As delay could be derived from DT and poll_enabled_time is defined in the driver this can easily happen. Use a signed iterator to make sure that the loop exits once the remaining time is negative. • https://git.kernel.org/stable/c/b051d9bf98bd9cea312b228e264eb6542a9beb67 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.1 • EPSS: 0% • CPEs: 9 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c:84 Read of size 1 at addr ffff88807eb62c4e by task kworker/u4:1/11 CPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted 6.1.0-rc6-syzkaller-00308-g644e9524388a #0 Workqueue: writeback wb_workfn (flush-7:0) Call Trace: __dump_stack lib/... • https://git.kernel.org/stable/c/8c40f2dbae603ef0bd21e87c63f54ec59fd88256 •

CVSS: 9.0 • EPSS: 0% • CPEs: 5 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u64_u64_div_u64() instead. • https://git.kernel.org/stable/c/19c010ae44f0ce52b5436080492a61a092ee0cf4 •

CVSS: 7.8 • EPSS: 0% • CPEs: 8 • EXPL: 0

22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in __class_register() If class_add_groups() returns error, the 'cp->subsys' need be unregister, and the 'cp' need be freed. We can not call kset_unregister() here, because the 'cls' will be freed in callback function class_release() and it's also freed in caller's error path, it will cause double free. So fix this by calling kobject_del() and kfree_const(name) to cleanup kobject. Besides, call kfree() to free... • https://git.kernel.org/stable/c/ced6473e7486702f530a49f886b73195e4977734 • CWE-772: Missing Release of Resource after Effective Lifetime •