CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53622 – gfs2: Fix possible data races in gfs2_show_options()
https://notcve.org/view.php?id=CVE-2023-53622
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_secs; if (val != 30) seq_printf(s, ",commit=%d", val); And thus can cause data races when gfs2_show_options() and other functions such as gfs2_reconfigure() are concurrently executed: spin_lock(>->gt_spin); gt->gt_logd_secs = newargs->... • https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53621 – memcontrol: ensure memcg acquired by id is properly set up
https://notcve.org/view.php?id=CVE-2023-53621
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: memcontrol: ensure memcg acquired by id is properly set up In the eviction recency check, we attempt to retrieve the memcg to which the folio belonged when it was evicted, by the memcg id stored in the shadow entry. However, there is a chance that the retrieved memcg is not the original memcg that has been killed, but a new one which happens to have the same id. This is a somewhat unfortunate, but acceptable and rare inaccuracy in the heuri... • https://git.kernel.org/stable/c/f78dfc7b77d5c3527d0f895bef693f711802de5a •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53620 – md: fix soft lockup in status_resync
https://notcve.org/view.php?id=CVE-2023-53620
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in status_resync status_resync() will calculate 'curr_resync - recovery_active' to show user a progress bar like following: [============>........] resync = 61.4% 'curr_resync' and 'recovery_active' is updated in md_do_sync(), and status_resync() can read them concurrently, hence it's possible that 'curr_resync - recovery_active' can overflow to a huge number. In this case status_resync() will be stuck in the loop to pri... • https://git.kernel.org/stable/c/b4acb6c3ede88d6b7d33742a09e63cfce5e7fb69 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53619 – netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
https://notcve.org/view.php?id=CVE-2023-53619
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees the nf_ct_helper_hash map. When built with NF_CONNTRACK=y, further netfilter modules (e.g: netfilter_conntrack_ftp) can still be loaded and call nf_conntrack_helpers_register(), independently of whether nf_conntrack initialized correctl... • https://git.kernel.org/stable/c/12f7a505331e6b2754684b509f2ac8f0011ce644 •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53618 – btrfs: reject invalid reloc tree root keys with stack dump
https://notcve.org/view.php?id=CVE-2023-53618
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: reject invalid reloc tree root keys with stack dump [BUG] Syzbot reported a crash that an ASSERT() got triggered inside prepare_to_merge(). That ASSERT() makes sure the reloc tree is properly pointed back by its subvolume tree. [CAUSE] After more debugging output, it turns out we had an invalid reloc tree: BTRFS error (device loop1): reloc tree mismatch, root 8 has no reloc root, expect reloc root key (-8, 132, 8) gen 17 Note the abo... • https://git.kernel.org/stable/c/314135b7bae9618a317874ae195272682cf2d5d4 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53617 – soc: aspeed: socinfo: Add kfree for kstrdup
https://notcve.org/view.php?id=CVE-2023-53617
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: socinfo: Add kfree for kstrdup Add kfree() in the later error handling in order to avoid memory leak. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues. • https://git.kernel.org/stable/c/e0218dca5787c851b403fcbc33cdfec795446fca •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50534 – dm thin: Use last transaction's pmd->root when commit failed
https://notcve.org/view.php?id=CVE-2022-50534
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung tasks CPU: 7 PID: 2669225 Comm: kworker/u16:3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Workqueue: dm-thin do_worker [dm_thin_pool] Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-50533 – wifi: mac80211: mlme: fix null-ptr deref on failed assoc
https://notcve.org/view.php?id=CVE-2022-50533
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mlme: fix null-ptr deref on failed assoc If association to an AP without a link 0 fails, then we crash in tracing because it assumes that either ap_mld_addr or link 0 BSS is valid, since we clear sdata->vif.valid_links and then don't add the ap_mld_addr to the struct. Since we clear also sdata->vif.cfg.ap_addr, keep a local copy of it and assign it earlier, before clearing valid_links, to fix this. In the Linux kernel, the f... • https://git.kernel.org/stable/c/81151ce462e533551f3284bfdb8e0f461c9220e6 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50532 – scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
https://notcve.org/view.php?id=CVE-2022-50532
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas_end_device_alloc(). Otherwise a kernel crash will happen: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000108 CPU: 45 PID: 37020 Comm: bash Kdump: loaded Tainted: G W 6.1.0-rc1+ #189 pstate: 60000005 ... • https://git.kernel.org/stable/c/f92363d12359498f9a9960511de1a550f0ec41c2 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50531 – tipc: fix an information leak in tipc_topsrv_kern_subscr
https://notcve.org/view.php?id=CVE-2022-50531
07 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipc_topsrv_kern_subscr Use a 8-byte write to initialize sub.usr_handle in tipc_topsrv_kern_subscr(), otherwise four bytes remain uninitialized when issuing setsockopt(..., SOL_TIPC, ...). This resulted in an infoleak reported by KMSAN when the packet was received: ===================================================== BUG: KMSAN: kernel-infoleak in copyout+0xbc/0x100 lib/iov_iter.c:169 instrument_copy_to_use... • https://git.kernel.org/stable/c/026321c6d056a54b4145522492245d2b5913ee1d •