CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53796 – f2fs: fix information leak in f2fs_move_inline_dirents()
https://notcve.org/view.php?id=CVE-2023-53796
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fs_move_inline_dirents() When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by zero-initializing the block. This bug was introduced by commit 4ec17d688d74 ("f2fs: avoid unneeded initializing when converting inline dentry"), which didn't consider the security implications of leaking uninitialized ... • https://git.kernel.org/stable/c/4ec17d688d74b6b7cb10043c57ff4818cde2b0ca •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53794 – cifs: fix session state check in reconnect to avoid use-after-free issue
https://notcve.org/view.php?id=CVE-2023-53794
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in server->smb_ses_list until it complete the cifs_free_ipc() and logoff() and then delete itself from the list. In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-af... • https://git.kernel.org/stable/c/7e4f5c3f01fb0e51ca438e43262d858daf9a0a76 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53789 – iommu/amd: Improve page fault error reporting
https://notcve.org/view.php?id=CVE-2023-53789
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is always setup and it will hit NULL pointer derefence (see below sample log). Lets check whether domain is setup or not and log appropriate message. Sample log: ---------- amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6 BUG: kern... • https://git.kernel.org/stable/c/be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53788 – ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
https://notcve.org/view.php?id=CVE-2023-53788
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A). static int tuning_ctl_set(...) { for (i = 0; i < TUNING_CTLS_COUNT; i++) (A) if (nid == ca0132_tuning_ctls[i].nid) break; snd_hda_power_up(...); (X) dspio_set_param(..., ca0132_tuning_ctls[i].mid, ...); snd_hda_power_down(...); ^ return 1; } We will get below error by cppcheck sound/pci/h... • https://git.kernel.org/stable/c/ff5e8b49348f6a550c136b74efaf8b3c1d3ceaea •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53786 – dm flakey: fix a crash with invalid table line
https://notcve.org/view.php?id=CVE-2023-53786
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 `blockdev --getsize /dev/ram0` flakey /dev/ram0 0 0 1 2 corrupt_bio_byte 512" Fix the crash by checking if arg_name is non-NULL before comparing it. • https://git.kernel.org/stable/c/f95cb1526669ccdf7eb12eefd57a893953e3595f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53783 – blk-iocost: fix divide by 0 error in calc_lcoefs()
https://notcve.org/view.php?id=CVE-2023-53783
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PREEMPT SMP RIP: 0010:calc_lcoefs+0x4c/0xc0 Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 21EXPL: 0CVE-2023-53782 – dccp: Fix out of bounds access in DCCP error handler
https://notcve.org/view.php?id=CVE-2023-53782
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of the DCCP header. Actually, they also look at the DCCP sequence number, which is stored beyond 8 bytes, so an explicit pskb_may_pull() is required. In the Linux kernel, the following vulnerability has been resolved: dc... • https://git.kernel.org/stable/c/6706a97fec963d6cb3f7fc2978ec1427b4651214 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53781 – smc: Fix use-after-free in tcp_write_timer_handler().
https://notcve.org/view.php?id=CVE-2023-53781
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(). With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcp_write_timer_handler() by kernel TCP sockets. [0] If SMC creates a kernel socket in __smc_create(), the kernel socket is supposed to be freed in smc_clcsock_release() by calling sock_release() when we close() the parent SMC socket. However, at the end of smc_clcsock_release(), the kernel socket's sk_state migh... • https://git.kernel.org/stable/c/ac7138746e14137a451f8539614cdd349153e0c0 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53780 – drm/amd/display: fix FCLK pstate change underflow
https://notcve.org/view.php?id=CVE-2023-53780
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix FCLK pstate change underflow [Why] Currently we set FCLK p-state change watermark calculated based on dummy p-state latency when UCLK p-state is not supported [How] Calculate FCLK p-state change watermark based on on FCLK pstate change latency in case UCLK p-state is not supported In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix FCLK pstate change underflow [Why] Currently we set ... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53779 – mfd: dln2: Fix memory leak in dln2_probe()
https://notcve.org/view.php?id=CVE-2023-53779
09 Dec 2025 — In the Linux kernel, the following vulnerability has been resolved: mfd: dln2: Fix memory leak in dln2_probe() When dln2_setup_rx_urbs() in dln2_probe() fails, error out_free forgets to call usb_put_dev() to decrease the refcount of dln2->usb_dev. Fix this by adding usb_put_dev() in the error handling code of dln2_probe(). In the Linux kernel, the following vulnerability has been resolved: mfd: dln2: Fix memory leak in dln2_probe() When dln2_setup_rx_urbs() in dln2_probe() fails, error out_free forgets to c... • https://git.kernel.org/stable/c/aa5a8673d71124e7dcdd497ec2accebc15bd6ca3 •