CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53702 – s390/crypto: use vector instructions only if available for ChaCha20
https://notcve.org/view.php?id=CVE-2023-53702
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for ChaCha20") added a library interface to the s390 specific ChaCha20 implementation. However no check was added to verify if the required facilities are installed before branching into the assembler code. If compiled into the kernel, this will lead to the following crash, if vector instructions are not avai... • https://git.kernel.org/stable/c/349d03ffd5f62c298fd667ffa397c3fdc5c6194b •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53700 – media: max9286: Fix memleak in max9286_v4l2_register()
https://notcve.org/view.php?id=CVE-2023-53700
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register() There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) unreferenced object 0xffff88810defc400 (size 256): comm "python3", pid 278, jiffies 4294737563 (age 31.978s) hex dump (first 32 bytes): 28 06 a7 0a 81 88 ff ff 00 fe 22 12 81 88 ff ff (........."..... 10 c4 ef 0d 81 88 ff ff 10 c4 ef 0d 8... • https://git.kernel.org/stable/c/66d8c9d2422da21ed41f75c03ba0685987b65fe0 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53699 – riscv: move memblock_allow_resize() after linear mapping is ready
https://notcve.org/view.php?id=CVE-2023-53699
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: move memblock_allow_resize() after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through linear mapping to cover more memblock regions. So the resizing should not be allowed until linear mapping is ready. Note that there are memblock allocations when building linear mapping. This patch is similar to 24cc61d8cb5a ("arm64:... • https://git.kernel.org/stable/c/671f9a3e2e24cdeb2d2856abee7422f093e23e29 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53698 – xsk: fix refcount underflow in error path
https://notcve.org/view.php?id=CVE-2023-53698
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xp_alloc_tx_descs() fails, and it can only fail due to not having enough memory, then the error path is triggered. In this error path, the refcount of the pool is decremented as it has incremented before. However, the reference to the pool in the socket was not nulled. This means that when ... • https://git.kernel.org/stable/c/f7019562f142bc041f9cde63af338d1886585923 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53697 – nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()
https://notcve.org/view.php?id=CVE-2023-53697
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in function 'register_nvdimm_pmu' and is lost after 'kfree(nd_pmu)' call in function 'unregister_nvdimm_pmu'. In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in function 'registe... • https://git.kernel.org/stable/c/0fab1ba6ad6ba1f76380f92ead95c6e861ef8116 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53696 – scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
https://notcve.org/view.php?id=CVE-2023-53696
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age 42490.264s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000629261a8>] __vmalloc_node_range+0xe56/0x1110 [<000... • https://git.kernel.org/stable/c/a4239945b8ad112fb914d0605c8f6c5fd3330f61 •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53695 – udf: Detect system inodes linked into directory hierarchy
https://notcve.org/view.php?id=CVE-2023-53695
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the filesystem and kernel confusion as noticed by syzbot fuzzed images. Refuse to access system inodes linked into directory hierarchy and vice versa. In the Linux kernel, the following vulnerability has been resolved: udf: Detect system i... • https://git.kernel.org/stable/c/1dc71eeb198a8daa17d0c995998a53b0b749a158 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53694 – riscv: ftrace: Fixup panic by disabling preemption
https://notcve.org/view.php?id=CVE-2023-53694
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a jump that jumps to an address over 4K. This may cause errors if we want to enable kernel preemption and remove dependency from patching code with stop_machine(). For example, if a task was switched out on auipc. And, if we changed the ftrace function before it was switched back, then it would jump to an address tha... • https://git.kernel.org/stable/c/afc76b8b80112189b6f11e67e19cf58301944814 •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53693 – USB: gadget: Fix the memory leak in raw_gadget driver
https://notcve.org/view.php?id=CVE-2023-53693
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigger the dev_free() to be called. [ 268.905865][ T5067] raw-gadget.0 gadget.0: failed to queue event [ 268.912053][ T5067] udc dummy_udc.0: failed to start USB Raw Gadget: -12 [ 268.918885][ T5067] raw-gadget.0: probe of gadget.0 failed... • https://git.kernel.org/stable/c/68e6287ac61dc22513cd39f02b9ac1fef28513e4 •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53692 – ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
https://notcve.org/view.php?id=CVE-2023-53692
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. ================================================================== BUG: KASAN: use-after-free in ext4_ext_binsearch_idx fs/ext4/extents.c:768 [inline] BUG: KASAN: use-after-free in ex... • https://git.kernel.org/stable/c/6f4200ec76a0d31200c308ec5a71c68df5417004 •