CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53380 – md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
https://notcve.org/view.php?id=CVE-2023-53380
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if no-Faulty 'mreplace' exists, In the second check, 'mreplace' will be set to NULL if it is Faulty, but 'need_replace' will not be changed accordingly. null-ptr-deref occurs if Faulty is set between two check. Fix it by merging two check... • https://git.kernel.org/stable/c/ee37d7314a32ab6809eacc3389bad0406c69a81f • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-53379 – usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
https://notcve.org/view.php?id=CVE-2023-53379
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe() warn: missing unwind goto? After geting irq, if ret < 0, it will return without error handling to free memory. Just add error handling to fix this problem. In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() Smatch reports: drivers/usb/phy/phy-tahvo... • https://git.kernel.org/stable/c/3f06415418f37ac602e71a61ee83ea43553e6bbd •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53375 – tracing: Free error logs of tracing instances
https://notcve.org/view.php?id=CVE-2023-53375
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: # cd /sys/kernel/tracing # mkdir instances/foo # echo 'hist:keys=x' > instances/foo/events/sched/sched_switch/trigger # cat instances/foo/error_log [ 117.404795] hist:sched:sched_switch: error: Couldn't find field Command: hist:keys=x ^ # r... • https://git.kernel.org/stable/c/2f754e771b1a6feba670782e82c45555984ac43b •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53373 – crypto: seqiv - Handle EBUSY correctly
https://notcve.org/view.php?id=CVE-2023-53373
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify MAY_BACKLOG, we also need to expect EBUSY and treat it in the same way. Otherwise backlogged requests will trigger a use-after-free. In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv... • https://git.kernel.org/stable/c/0a270321dbf948963aeb0e8382fe17d2c2eb3771 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53372 – sctp: fix a potential overflow in sctp_ifwdtsn_skip
https://notcve.org/view.php?id=CVE-2023-53372
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctp_ifwdtsn_skip Currently, when traversing ifwdtsn skips with _sctp_walk_ifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be < sizeof(struct sctp_ifwdtsn_skip), and dereference it as struct sctp_ifwdtsn_skip may cause coverflow. This patch fixes it by checking the pos against "the end of the chunk - sizeof(struct sctp_ifwdtsn_skip)" in sctp_ifwdtsn_... • https://git.kernel.org/stable/c/0fc2ea922c8ad5520c80f03facbf396c81dce802 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53370 – drm/amdgpu: fix memory leak in mes self test
https://notcve.org/view.php?id=CVE-2023-53370
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix memory leak in mes self test The fences associated with mes queue have to be freed up during amdgpu_ring_fini. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix memory leak in mes self test The fences associated with mes queue have to be freed up during amdgpu_ring_fini. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be upda... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53369 – net: dcb: choose correct policy to parse DCB_ATTR_BCN
https://notcve.org/view.php?id=CVE-2023-53369
18 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCB_ATTR_BCN The dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN], which is introduced in commit 859ee3c43812 ("DCB: Add support for DCB BCN"). Please see the comment in below code static int dcbnl_bcn_setcfg(...) { ... ret = nla_parse_nested_deprecated(..., dcbnl_pfc_up_nest, .. ) // !!! dcbnl_pfc_up_nest for attributes // DCB_PFC_UP_ATTR_0 to DCB_PFC_UP_ATTR_ALL in enum dcbnl_pfc_up... • https://git.kernel.org/stable/c/859ee3c43812051e21816c6d6d4cc04fb7ce9b2e •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53368 – tracing: Fix race issue between cpu buffer write and swap
https://notcve.org/view.php?id=CVE-2023-53368
17 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rb_end_commit() at code: if (RB_WARN_ON(cpu_buffer, !local_read(&cpu_buffer->committing))) WARNING: CPU: 0 PID: 139 at kernel/trace/ring_buffer.c:3142 rb_commit+0x402/0x4a0 Call Trace: ring_buffer_unlock_commit+0x42/0x250 trace_buffer_unlock_commit_regs+0x3b/0x250 trace_event_buffer_commit+0xe5/0x440 trace_event_buffer_reserve+0x11c/0x150 trace_event_raw_event_sch... • https://git.kernel.org/stable/c/f1affcaaa861f27752a769f889bf1486ebd301fe •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-53367 – accel/habanalabs: fix mem leak in capture user mappings
https://notcve.org/view.php?id=CVE-2023-53367
17 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: fix mem leak in capture user mappings This commit fixes a memory leak caused when clearing the user_mappings info when a new context is opened immediately after user_mapping is captured and a hard reset is performed. In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: fix mem leak in capture user mappings This commit fixes a memory leak caused when clearing the user_mappings info when a ne... • https://git.kernel.org/stable/c/0feaf86d4e69507ab9b2af7dcc63a6886352d5db •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53365 – ip6mr: Fix skb_under_panic in ip6mr_cache_report()
https://notcve.org/view.php?id=CVE-2023-53365
17 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:192! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),... • https://git.kernel.org/stable/c/14fb64e1f449ef6666f1c3a3fa4e13aec669b98d • CWE-124: Buffer Underwrite ('Buffer Underflow') •