CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53603 – scsi: qla2xxx: Avoid fcport pointer dereference
https://notcve.org/view.php?id=CVE-2023-53603
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to dereference at the time of exit. To avoid fcport pointer dereference, exit the routine when sa_ctl is NULL. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer der... • https://git.kernel.org/stable/c/4406fe8a96a946c7ea5724ee59625755a1d9c59d •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53602 – wifi: ath11k: fix memory leak in WMI firmware stats
https://notcve.org/view.php?id=CVE-2023-53602
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11k_fw_stats_free() function before hardware unregister. While at it, avoid calling ath11k_fw_stats_free() while processing the firmware stats received in the WMI event because the local list is getting spliced and reinitialised and hence there are no elements in the list afte... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53601 – bonding: do not assume skb mac_header is set
https://notcve.org/view.php?id=CVE-2023-53601
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit() that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender as caught by syzbot: WARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 skb_mac_offset include/linux/skbuff.h:2913 [inline] WARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_xmit_hash drivers/net/bonding/bond_main.... • https://git.kernel.org/stable/c/7b8fc0103bb51d1d3e1fb5fd67958612e709f883 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53600 – tunnels: fix kasan splat when generating ipv4 pmtu error
https://notcve.org/view.php?id=CVE-2023-53600
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ip_compute_csum+0x134/0x220 Read of size 4 at addr ffff88811c50db00 by task iperf3/1691 CPU: 2 PID: 1691 Comm: iperf3 Not tainted 6.5.0-rc3+ #309 [..] kasan_report+0x105/0x140 ip_compute_csum+0x134/0x220 iptunnel_pmtud_build_icmp+0x554/0x1020 skb_tunnel_check_pmtu+0x513/0xb80 vxlan_... • https://git.kernel.org/stable/c/4cb47a8644cc9eb8ec81190a50e79e6530d0297f •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53598 – bus: mhi: host: Range check CHDBOFF and ERDBOFF
https://notcve.org/view.php?id=CVE-2023-53598
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address might be computed which later causes a kernel panic. Range check the read value to prevent a crash due to bad data from the device. In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read fr... • https://git.kernel.org/stable/c/6cd330ae76ffd5c8f6294c423cabde7eeef1b40c •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53597 – cifs: fix mid leak during reconnection after timeout threshold
https://notcve.org/view.php?id=CVE-2023-53597
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. But we do not return the mid, or the credits returned for the mid, or reduce the number of in-flight requests. This bug could result in the server->in_flight count to go bad, and also cause a leak in the mids. This change moves the che... • https://git.kernel.org/stable/c/8e670f77c4a55013db6d23b962f9bf6673a5e7b6 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53596 – drivers: base: Free devm resources when unregistering a device
https://notcve.org/view.php?id=CVE-2023-53596
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed. This leads to issues when using bus-less or driver-less devices where the device might never get freed if a managed resource holds a reference to the device. This is happening in the DRM framework for example. We should thus call devres_release_all() in the device_del() functi... • https://git.kernel.org/stable/c/a525a3ddeaca69f405d98442ab3c0746e53168dc •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53595 – octeontx2-pf: mcs: Fix NULL pointer dereferences
https://notcve.org/view.php?id=CVE-2023-53595
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: mcs: Fix NULL pointer dereferences When system is rebooted after creating macsec interface below NULL pointer dereference crashes occurred. This patch fixes those crashes by using correct order of teardown [ 3324.406942] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 3324.415726] Mem abort info: [ 3324.418510] ESR = 0x96000006 [ 3324.421557] EC = 0x25: DABT (current EL), IL = 32 bits [ 3... • https://git.kernel.org/stable/c/c54ffc73601c0a239e55911923a6e23a2a74f143 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53593 – cifs: Release folio lock on fscache read hit.
https://notcve.org/view.php?id=CVE-2023-53593
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: cifs: Release folio lock on fscache read hit. Under the current code, when cifs_readpage_worker is called, the call contract is that the callee should unlock the page. This is documented in the read_folio section of Documentation/filesystems/vfs.rst as: > The filesystem should unlock the folio once the read has completed, > whether it was successful or not. Without this change, when fscache is in use and cache hit occurs during a read, the ... • https://git.kernel.org/stable/c/c3ac8323f2f5b50e32681c254b8318f7fa2dc3f4 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53591 – net/mlx5e: Fix deadlock in tc route query code
https://notcve.org/view.php?id=CVE-2023-53591
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlock in tc route query code Cited commit causes ABBA deadlock[0] when peer flows are created while holding the devcom rw semaphore. Due to peer flows offload implementation the lock is taken much higher up the call chain and there is no obvious way to easily fix the deadlock. Instead, since tc route query code needs the peer eswitch structure only to perform a lookup in xarray and doesn't perform any sleeping operations w... • https://git.kernel.org/stable/c/f9d196bd632b8b79261ec3366c30ec3923ea9a02 •