CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53470 – ionic: catch failure from devlink_alloc
https://notcve.org/view.php?id=CVE-2023-53470
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If devlink_alloc() fails and we try to use devlink_priv() on the NULL return, the kernel gets very unhappy and panics. With this fix, the driver load will still fail, but at least it won't panic the kernel. In the Linux kernel, the following vulnerability has been resolved: ionic: catch failure from devlink_alloc Add a check for NULL on the alloc return. If de... • https://git.kernel.org/stable/c/df69ba43217d3cf4215c83c0627ce98a26e56e7c • CWE-252: Unchecked Return Value •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53469 – af_unix: Fix null-ptr-deref in unix_stream_sendpage().
https://notcve.org/view.php?id=CVE-2023-53469
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix null-ptr-deref in unix_stream_sendpage(). Bing-Jhong Billy Jheng reported null-ptr-deref in unix_stream_sendpage() with detailed analysis and a nice repro. unix_stream_sendpage() tries to add data to the last skb in the peer's recv queue without locking the queue. If the peer's FD is passed to another socket and the socket's FD is passed to the peer, there is a loop between them. If we close both sockets without receiving FD, t... • https://git.kernel.org/stable/c/869e7c62486ec0e170a9771acaa251d1a33b5871 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53468 – ubifs: Fix memory leak in alloc_wbufs()
https://notcve.org/view.php?id=CVE-2023-53468
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297119604 (age 20.383s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53467 – wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie()
https://notcve.org/view.php?id=CVE-2023-53467
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie() Do `kfree_skb(new)` before `goto out` to prevent potential leak. • https://git.kernel.org/stable/c/895907779752606f6a4795abfc008509f8e38314 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53466 – wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit
https://notcve.org/view.php?id=CVE-2023-53466
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firmware_state fails. In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firmware_state fails. • https://git.kernel.org/stable/c/e57b7901469fc0b021930b83a8094baaf3d81b09 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53465 – soundwire: qcom: fix storing port config out-of-bounds
https://notcve.org/view.php?id=CVE-2023-53465
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to writing port config past 'pconfig' bounds and overwriting next member of 'qcom_swrm_ctrl' struct. Reported also by smatch: drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow 'ctrl->pconfig' 14 <= 14 In t... • https://git.kernel.org/stable/c/9916c02ccd74e672b62dd1a9017ac2f237ebf512 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53464 – scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
https://notcve.org/view.php?id=CVE-2023-53464
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()") introduced this change which may lead to inconsistent values of tcp_sw_conn->sendpage and conn->datadgst_en. Fix the issue by moving the position of the assignment. In the Linux kernel, the followin... • https://git.kernel.org/stable/c/884a788f065578bb640382279a83d1df433b13e6 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53463 – ibmvnic: Do not reset dql stats on NON_FATAL err
https://notcve.org/view.php?id=CVE-2023-53463
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stats on NON_FATAL err All ibmvnic resets, make a call to netdev_tx_reset_queue() when re-opening the device. netdev_tx_reset_queue() resets the num_queued and num_completed byte counters. These stats are used in Byte Queue Limit (BQL) algorithms. The difference between these two stats tracks the number of bytes currently sitting on the physical NIC. ibmvnic increases the number of queued bytes though calls to netd... • https://git.kernel.org/stable/c/0d973388185d49add56b81ca82fa5e4348019df8 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53462 – hsr: Fix uninit-value access in fill_frame_info()
https://notcve.org/view.php?id=CVE-2023-53462
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in fill_frame_info() Syzbot reports the following uninit-value access problem. ===================================================== BUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:601 [inline] BUG: KMSAN: uninit-value in hsr_forward_skb+0x9bd/0x30f0 net/hsr/hsr_forward.c:616 fill_frame_info net/hsr/hsr_forward.c:601 [inline] hsr_forward_skb+0x9bd/0x30f0 net/hsr/hsr_forward.c:616 hsr_dev_xmit+0... • https://git.kernel.org/stable/c/451d8123f89791bb628277c0bdb4cae34a3563e6 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53461 – io_uring: wait interruptibly for request completions on exit
https://notcve.org/view.php?id=CVE-2023-53461
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: io_uring: wait interruptibly for request completions on exit WHen the ring exits, cleanup is done and the final cancelation and waiting on completions is done by io_ring_exit_work. That function is invoked by kworker, which doesn't take any signals. Because of that, it doesn't really matter if we wait for completions in TASK_INTERRUPTIBLE or TASK_UNINTERRUPTIBLE state. However, it does matter to the hung task detection checker! Normally we ... • https://git.kernel.org/stable/c/2b188cc1bb857a9d4701ae59aa7768b5124e262e •