CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2023-53272 – net: ena: fix shift-out-of-bounds in exponential backoff
https://notcve.org/view.php?id=CVE-2023-53272
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in build/linux/drivers/net/ethernet/amazon/ena/ena_com.c:540:13 shift exponent 32 is too large for 32-bit type 'unsigned int' CPU: 28 PID: 70012 Comm: kworker/u72:2 Kdump: loaded not tainted 5.15.117 Hardware name: Amazon EC2 c5d.9xlarge/, BI... • https://git.kernel.org/stable/c/4bb7f4cf60e38a00965d22aa5979ab143193d41f •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2023-53271 – ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
https://notcve.org/view.php?id=CVE-2023-53271
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() There is a memory leaks problem reported by kmemleak: unreferenced object 0xffff888102007a00 (size 128): comm "ubirsvol", pid 32090, jiffies 4298464136 (age 2361.231s) hex dump (first 32 bytes): ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ backtrace: [
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2023-53270 – ext4: fix i_disksize exceeding i_size problem in paritally written case
https://notcve.org/view.php?id=CVE-2023-53270
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len) // copied < len ext4_da_write_end | ext4_update_i_disksize | new_i_size = pos + copied; | WRITE_ONCE(EXT4_I(inode)->i_disksize, newsize) // update i_disksize | generic_write_end | copied = block_write_end(copied, len) // copied = 0 | ... • https://git.kernel.org/stable/c/64769240bd07f446f83660bb143bb609d8ab4910 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2023-53269 – block: ublk: make sure that block size is set correctly
https://notcve.org/view.php?id=CVE-2023-53269
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size could panic kernel easily. Make sure that block size is set correctly. Meantime if ublk_validate_params() fails, clear ub->params so that disk is prevented from being added. • https://git.kernel.org/stable/c/71f28f3136aff5890cd56de78abc673f8393cad9 •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2023-53268 – ASoC: fsl_mqs: move of_node_put() to the correct location
https://notcve.org/view.php?id=CVE-2023-53268
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the success path. To fix this, of_node_put() is moved to the correct location, and change all the gotos to direct returns. • https://git.kernel.org/stable/c/a9d273671440c439c4f236123c59dd839c1a0eb7 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2023-53267 – driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event()
https://notcve.org/view.php?id=CVE-2023-53267
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event() The kfree() should be called when memory fails to be allocated for cb_data in xlnx_add_cb_for_notify_event(), otherwise there will be a memory leak, so add kfree() to fix it. • https://git.kernel.org/stable/c/05e5ba40ea7ab6a99bb8d6117c899d0e13ca8700 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2023-53266 – arm64: acpi: Fix possible memory leak of ffh_ctxt
https://notcve.org/view.php?id=CVE-2023-53266
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Fix possible memory leak of ffh_ctxt Allocated 'ffh_ctxt' memory leak is possible if the SMCCC version and conduit checks fail and -EOPNOTSUPP is returned without freeing the allocated memory. Fix the same by moving the allocation after the SMCCC version and conduit checks. • https://git.kernel.org/stable/c/1d280ce099db396e092cac1aa9bf2ea8beee6d76 •
CVSS: -EPSS: %CPEs: 8EXPL: 0CVE-2023-53265 – ubi: ensure that VID header offset + VID header size <= alloc, size
https://notcve.org/view.php?id=CVE-2023-53265
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in crc32_body lib/crc32.c:111 [inline] BUG: KASAN: slab-out-of-bounds in crc32_le_generic lib/crc32.c:179 [inline] BUG: KASAN: slab-out-of-bounds in crc32_le_base+0x58c/0x626 lib/crc32.c:197 Read of size 4 at addr ffff88802bb36f00 by task ... • https://git.kernel.org/stable/c/801c135ce73d5df1caf3eca35b66a10824ae0707 •
CVSS: -EPSS: %CPEs: 4EXPL: 0CVE-2023-53264 – clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe
https://notcve.org/view.php?id=CVE-2023-53264
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc() will leak, but using devm_kzalloc() instead will automatically free the memory using devm_kfree(). Also, fix error handling of hws by adding unregister_hws label, which unregisters remaining hws when iomap failed. • https://git.kernel.org/stable/c/7154b046d8f3a441474ced1688eb348d42f5f165 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2023-53263 – drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create
https://notcve.org/view.php?id=CVE-2023-53263
16 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calling drm_connector_init on it. We need to clean up the drm side first. It might not fix all regressions from commit 2b5d1c29f6c4 ("drm/nouveau/disp: PIOR DP uses GPIO for HPD, not PMGR AUX interrupts"), but at least it fixes a memory corruption in error handling related to that commit. • https://git.kernel.org/stable/c/95983aea80038539ebc70e41e73e9bb4eabd1a92 •