CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53724 – mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
https://notcve.org/view.php?id=CVE-2023-53724
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(), but adc_enqueue_request() could fail to insert the `req` into queue. We need to check the return value and free it in the case of failure. In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(),... • https://git.kernel.org/stable/c/08c3e06a5eb27d43b712adef18379f8464425e71 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53723 – drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
https://notcve.org/view.php?id=CVE-2023-53723
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini, driver unconditionally disables ecc_irq which is only enabled on those asics enabling sdma ecc. This will introduce a warning in suspend cycle on those chips with sdma ip v4.0, while without sdma ecc. So this patch correct this. [ 7283.166354] RIP: 0010:amdgpu_irq_put+0x45/0x70 [amdgpu] [ 7283.167001] RS... • https://git.kernel.org/stable/c/3decf3a750a924362bf4e2680dd3b07242fe56e8 •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53722 – md: raid1: fix potential OOB in raid1_remove_disk()
https://notcve.org/view.php?id=CVE-2023-53722
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows: 1) commit d17f744e883b ("md-raid10: fix KASAN warning") 2) commit 1ebc2cec0b7d ("dm raid: fix KASAN warning in raid5_remove_disk") Fix this bug by checking whether the "number" variable is valid. In the Linux kernel, the following v... • https://git.kernel.org/stable/c/beedf40f73939f248c81802eda08a2a8148ea13e • CWE-125: Out-of-bounds Read •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53718 – ring-buffer: Do not swap cpu_buffer during resize process
https://notcve.org/view.php?id=CVE-2023-53718
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will result in oops. This issue can be easily reproduced using the following two scripts: /tmp # cat test1.sh //#! /bin/sh for i in `seq 0 100000` do echo 2000 > /sys/kernel/debug/tracing/buffer_size_kb sleep 0.5 echo... • https://git.kernel.org/stable/c/66a3b2a121386702663065d5c9e5a33c03d3f4a2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53717 – wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()
https://notcve.org/view.php?id=CVE-2023-53717
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wmi_cmd(). The callback writes to wmi->cmd_rsp_buf, a stack-allocated buffer that could no longer be valid when a timeout occurs. Set wmi->last_seq_id to 0 when a timeout occurred. Found by a modified version of syzkaller. BUG: KASAN: s... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53715 – wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
https://notcve.org/view.php?id=CVE-2023-53715
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in binary all along, so use that and avoid the hexification. OpenBSD has been doing it like this from the beginning, so this should work on all chips. Also clear the structure before setting the PMK. • https://git.kernel.org/stable/c/1687845eb8f37360a9ee849a3587ab659b090773 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53714 – drm/stm: ltdc: fix late dereference check
https://notcve.org/view.php?id=CVE-2023-53714
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check 'crtc' (see line 1119) In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check I... • https://git.kernel.org/stable/c/340dba127bbed51e8425cd8e097aacfadd175462 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53712 – ARM: 9317/1: kexec: Make smp stop calls asynchronous
https://notcve.org/view.php?id=CVE-2023-53712
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on function calls from softirq context") this call should not be made synchronous with disabled interrupts: softdog: Initiating panic Kernel panic - not syncing: Software Watchdog Timer expired WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp... • https://git.kernel.org/stable/c/46870eea5496ff277e86187a49ac5a667cfe60c4 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53708 – ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects
https://notcve.org/view.php?id=CVE-2023-53708
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this. In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects whil... • https://git.kernel.org/stable/c/7b7964cd9db30bc84808a40d13a0633b4313f149 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53707 – drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1
https://notcve.org/view.php?id=CVE-2023-53707
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an ... • https://git.kernel.org/stable/c/9f55d300541cb5b435984d269087810581580b00 •