CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53544 – cpufreq: davinci: Fix clk use after free
https://notcve.org/view.php?id=CVE-2023-53544
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver(). If one of the cpufreq callbacks is called just before cpufreq_unregister_driver() is run, the freed clks might be used. In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driv... • https://git.kernel.org/stable/c/6601b8030de3e9c29930684eeac15302a59f991a • CWE-825: Expired Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53542 – ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
https://notcve.org/view.php?id=CVE-2023-53542
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back in 2016 wasn't used on Exynos5420, which caused a kernel panic. Add the proper compatible for it. In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back ... • https://git.kernel.org/stable/c/d1ed0d21695f632f8ec7bf8588abcf6a8da2b105 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53541 – mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write
https://notcve.org/view.php?id=CVE-2023-53541
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on the oob source buffer at the last iteration. Fix that by always checking length limit on the oob buffer read and fill with 0xff when reaching the end of the buffer to the oob registers. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand... • https://git.kernel.org/stable/c/27c5b17cd1b10564fa36f8f51e4b4b41436ecc32 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53540 – wifi: cfg80211: reject auth/assoc to AP with our address
https://notcve.org/view.php?id=CVE-2023-53540
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connection... • https://git.kernel.org/stable/c/19957bb399e2722719c0e20c9ae91cf8b6aaff04 •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53539 – RDMA/rxe: Fix incomplete state save in rxe_requester
https://notcve.org/view.php?id=CVE-2023-53539
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxe_requester If a send packet is dropped by the IP layer in rxe_requester() the call to rxe_xmit_packet() can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state before the packet was sent so it can be resent. However, the routines that save and restore the state miss a significnt part of the variable state in the wqe, the dma struct which is used to process through the... • https://git.kernel.org/stable/c/3050b99850247695cb07a5c15265afcc08bcf400 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53538 – btrfs: insert tree mod log move in push_node_left
https://notcve.org/view.php?id=CVE-2023-53538
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following trace: [530.569] BTRFS critical (device sda3): unable to find logical 0 length 4096 [530.585] BTRFS critical (device sda3): unable to find logical 0 length 4096 [530.602] BUG: kernel NULL pointer dereference, address: 0000000000000002 [530.618] #PF: supervisor read acces... • https://git.kernel.org/stable/c/57911b8ba814fae01306376a0d02bc7cdc88dc94 •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53535 – net: bcmgenet: Add a check for oversized packets
https://notcve.org/view.php?id=CVE-2023-53535
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid invoking skb_over_panic() and move on to processing the next packet. In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized... • https://git.kernel.org/stable/c/1c1008c793fa46703a2fee469f4235e1c7984333 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50486 – net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
https://notcve.org/view.php?id=CVE-2022-50486
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to ... • https://git.kernel.org/stable/c/84640e27f23041d474c31d3362c3e2185ad68ec2 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-50485 – ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
https://notcve.org/view.php?id=CVE-2022-50485
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad inode to be returned, because the inode may not be initialized. This mechanism can be used to bypass some checks and cause panic. To solve this problem, we add a special iget flag EXT4_IGET_BAD. Only with this flag we'd be returning bad... • https://git.kernel.org/stable/c/393d1d1d76933886d5e1ce603214c9987589c6d5 • CWE-654: Reliance on a Single Factor in a Security Decision •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2022-50484 – ALSA: usb-audio: Fix potential memory leaks
https://notcve.org/view.php?id=CVE-2022-50484
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, when -ENOMEM hits at the middle of the sync EP URB allocation loop, the partially allocated URBs might be left without released, because ep->nurbs is still zero at that point. Fix it by setting ep->nurbs at first, so that the error handle... • https://git.kernel.org/stable/c/8fdff6a319e7dac757c558bd283dc4577e68cde7 • CWE-911: Improper Update of Reference Count •