CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53117 – fs: prevent out-of-bounds array speculation when closing a file descriptor
https://notcve.org/view.php?id=CVE-2023-53117
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369 • https://git.kernel.org/stable/c/f31cd5da636682caea424fa1c22679016cbfc16b • CWE-385: Covert Timing Channel •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53116 – nvmet: avoid potential UAF in nvmet_req_complete()
https://notcve.org/view.php?id=CVE-2023-53116
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. ... • https://git.kernel.org/stable/c/a07b4970f464f13640e28e16dad6cfa33647cc99 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53115 – scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()
https://notcve.org/view.php?id=CVE-2023-53115
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc() Don't allocate memory again when IOC is being reinitialized. • https://git.kernel.org/stable/c/fe6db615156573d3f6a37564b8a590cb03bbaf25 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53114 – i40e: Fix kernel crash during reboot when adapter is in recovery mode
https://notcve.org/view.php?id=CVE-2023-53114
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that firmware is in recovery mode then i40e_init_recovery_mode() is called and the rest of probe function is skipped including pci_set_drvdata(). In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that f... • https://git.kernel.org/stable/c/4ff0ee1af016976acb6a525e68ec9a5a85d7abdc • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53113 – wifi: nl80211: fix NULL-ptr deref in offchan check
https://notcve.org/view.php?id=CVE-2023-53113
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NULL-ptr deref in offchan check If, e.g. In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NULL-ptr deref in offchan check If, e.g. in AP mode, the link was already created by userspace but not activated yet, it has a chandef but the chandef isn't valid and has no channel. ... A flaw was found in the cfg80211 module in the Linux kernel. ... • https://git.kernel.org/stable/c/7b0a0e3c3a88260b6fcb017e49f198463aa62ed1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53112 – drm/i915/sseu: fix max_subslices array-index-out-of-bounds access
https://notcve.org/view.php?id=CVE-2023-53112
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae ("drm/i915/sseu: Don't try to store EU mask internally in UAPI format") exposed a potential out-of-bounds access, reported by UBSAN as following on a laptop with a gen 11 i915 card: UBSAN: array-index-out-of-bounds in drivers/gpu/drm/i915/gt/intel_sseu.c:65:27 index 6 is out of range for type 'u16 [6]' CPU: 2 PID: 165 Comm: systemd-ude... • https://git.kernel.org/stable/c/bc3c5e0809ae9faa039baf75547e8ee46ec124ef •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53111 – loop: Fix use-after-free issues
https://notcve.org/view.php?id=CVE-2023-53111
02 May 2025 — This patch fixes the following kernel crash: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000054 Call trace: css_put.42938+0x1c/0x1ac loop_process_work+0xc8c/0xfd4 loop_rootcg_workfn+0x24/0x34 process_one_work+0x244/0x558 worker_thread+0x400/0x8fc kthread+0x16c/0x1e0 ret_from_fork+0x10/0x20 In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues do_req_filebacked() calls blk_mq_complete_request() synchronously or asynchronou... • https://git.kernel.org/stable/c/bc07c10a3603a5ab3ef01ba42b3d41f9ac63d1b6 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53110 – net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
https://notcve.org/view.php?id=CVE-2023-53110
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() When performing a stress test on SMC-R by rmmod mlx5_ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() When performing a stress test on SMC-R by rmmod mlx5_ib driver during ... • https://git.kernel.org/stable/c/0b29ec6436138721acf5844e558f7334a0fa61d5 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53109 – net: tunnels: annotate lockless accesses to dev->needed_headroom
https://notcve.org/view.php?id=CVE-2023-53109
02 May 2025 — BUG: KCSAN: data-race in ip_tunnel_xmit / ip_tunnel_xmit read to 0xffff88815b9da0ec of 2 bytes by task 888 on cpu 1: ip_tunnel_xmit+0x1270/0x1730 net/ipv4/ip_tunnel.c:803 __gre_xmit net/ipv4/ip_gre.c:469 [inline] ipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661 __netdev_start_xmit include/linux/netdevice.h:4881 [inline] netdev_start_xmit include/linux/netdevice.h:4895 [inline] xmit_one net/core/dev.c:3580 [inline] dev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596 __dev_queue_xmit+0x1007/0x1eb0 n... • https://git.kernel.org/stable/c/8eb30be0352d09165e94a41fef1c7b994dca0714 •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53108 – net/iucv: Fix size of interrupt data
https://notcve.org/view.php?id=CVE-2023-53108
02 May 2025 — In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucv_irq_data needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. ... • https://git.kernel.org/stable/c/2356f4cb191100a5e92d537f13e5efdbc697e9cb •