CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53047 – tee: amdtee: fix race condition in amdtee_open_session
https://notcve.org/view.php?id=CVE-2023-53047
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session There is a potential race condition in amdtee_open_session that may lead to use-after-free. In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session There is a potential race condition in amdtee_open_session that may lead to use-after-free. ... A use-after-free vulnerability was found in the AMD TEE driver i... • https://git.kernel.org/stable/c/757cc3e9ff1d72d014096399d6e2bf03974d9da1 • CWE-826: Premature Release of Resource During Expected Lifetime •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53046 – Bluetooth: Fix race condition in hci_cmd_sync_clear
https://notcve.org/view.php?id=CVE-2023-53046
02 May 2025 — kthread_complete_and_exit+0x30/0x30 ret_from_fork+0x22/0x30 Allocated by task 266: kasan_save_stack+0x26/0x50 __kasan_kmalloc+0xae/0xe0 kmem_cache_alloc_trace+0x191/0x350 hci_cmd_sync_queue+0x97/0x2b0 hci_update_passive_scan+0x176/0x1d0 le_conn_complete_evt+0x1b5/0x1a00 hci_le_conn_complete_evt+0x234/0x340 hci_le_meta_evt+0x231/0x4e0 hci_event_packet+0x4c5/0xf00 hci_rx_work+0x37d/0x880 process_one_work+0x77b/0x11c0 worker_thread+0x544/0x1180 kthread+0x285/0x320 ret_from_fork+0x22/0x30 Freed by task ... • https://git.kernel.org/stable/c/6a98e3836fa2077b169f10a35c2ca9952d53f987 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53045 – usb: gadget: u_audio: don't let userspace block driver unbind
https://notcve.org/view.php?id=CVE-2023-53045
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_audio: don't let userspace block driver unbind In the unbind callback for f_uac1 and f_uac2, a call to snd_card_free() via g_audio_cleanup() will disconnect the card and then wait for all resources to be released, which happens when the refcount falls to zero. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_audio: don't let userspace block driver unbind In the unbind callback f... • https://git.kernel.org/stable/c/132fcb460839a876f5bc8b71bede60f8d0875757 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53044 – dm stats: check for and propagate alloc_percpu failure
https://notcve.org/view.php?id=CVE-2023-53044
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate alloc_percpu failure Check alloc_precpu()'s return value and return an error from dm_stats_init() if it fails. ... In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate alloc_percpu failure Check alloc_precpu()'s return value and return an error from dm_stats_init() if it fails. • https://git.kernel.org/stable/c/fd2ed4d252701d3bbed4cd3e3d267ad469bb832a • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53043 – arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent
https://notcve.org/view.php?id=CVE-2023-53043
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coherency during dma-ops and that may cause data corruption. In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coheren... • https://git.kernel.org/stable/c/92e0ee9f83b3bc1d5644b1dc36eae730d1e8694d •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53042 – drm/amd/display: Do not set DRR on pipe Commit
https://notcve.org/view.php?id=CVE-2023-53042
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit [WHY] Writing to DRR registers such as OTG_V_TOTAL_MIN on the same frame as a pipe commit can cause underflow. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit [WHY] Writing to DRR registers such as OTG_V_TOTAL_MIN on the same frame as a pipe commit can cause underflow. • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53041 – scsi: qla2xxx: Perform lockless command completion in abort path
https://notcve.org/view.php?id=CVE-2023-53041
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in abort path While adding and removing the controller, the following call trace was observed: WARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dma_free_attrs+0x33/0x50 CPU: 3 PID: 623596 Comm: sh Kdump: loaded Not tainted 5.14.0-96.el9.x86_64 #1 RIP: 0010:dma_free_attrs+0x33/0x50 Call Trace: qla2x00_async_sns_sp_done+0x107/0x1b0 [qla2xxx] qla2x00_abort_srb+0x8e/0x250 [qla2xxx... • https://git.kernel.org/stable/c/31c1f455203e56a3ce8d5dd92f37c83d07bd5bd5 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53040 – ca8210: fix mac_len negative array access
https://notcve.org/view.php?id=CVE-2023-53040
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ca8210: fix mac_len negative array access This patch fixes a buffer overflow access of skb->data if ieee802154_hdr_peek_addrs() fails. In the Linux kernel, the following vulnerability has been resolved: ca8210: fix mac_len negative array access This patch fixes a buffer overflow access of skb->data if ieee802154_hdr_peek_addrs() fails. • https://git.kernel.org/stable/c/ded845a781a578dfb0b5b2c138e5a067aa3b1242 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53039 – HID: intel-ish-hid: ipc: Fix potential use-after-free in work function
https://notcve.org/view.php?id=CVE-2023-53039
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp_dev. In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR schedules a work funct... • https://git.kernel.org/stable/c/ae02e5d40d5f829c589412c6253f925e35cf7a22 • CWE-825: Expired Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53038 – scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
https://notcve.org/view.php?id=CVE-2023-53038
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() If kzalloc() fails in lpfc_sli4_cgn_params_read(), then we rely on lpfc_read_object()'s routine to NULL check pdata. ... In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() If kzalloc() fails in lpfc_sli4_cgn_params_read(), then we rely on lpfc_read_object()'s routine to NULL check pdata. • https://git.kernel.org/stable/c/72df8a452883b0be334396acba07df77c3c3f6c7 •