CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53195 – mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init
https://notcve.org/view.php?id=CVE-2023-53195
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init The line cards array is not freed in the error path of mlxsw_m_linecards_init(), which can lead to a memory leak. Fix by freeing the array in the error path, thereby making the error path identical to mlxsw_m_linecards_fini(). In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init The line card... • https://git.kernel.org/stable/c/01328e23a476a47179b07125eabac439bc1d5fd3 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53194 – fs/ntfs3: Add length check in indx_get_root
https://notcve.org/view.php?id=CVE-2023-53194
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add length check in indx_get_root This adds a length check to guarantee the retrieved index root is legit. [ 162.459513] BUG: KASAN: use-after-free in hdr_find_e.isra.0+0x10c/0x320 [ 162.460176] Read of size 2 at addr ffff8880037bca99 by task mount/243 [ 162.460851] [ 162.461252] CPU: 0 PID: 243 Comm: mount Not tainted 6.0.0-rc7 #42 [ 162.461744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990... • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53193 – drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini
https://notcve.org/view.php?id=CVE-2023-53193
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpu_irq_put function in gmc_v10_0_hw_fini, which also leads to the call trace. [ 82.340264] Call Trace: [ 82.340265]
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53192 – vxlan: Fix nexthop hash size
https://notcve.org/view.php?id=CVE-2023-53192
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size The nexthop code expects a 31 bit hash, such as what is returned by fib_multipath_hash() and rt6_multipath_hash(). Passing the 32 bit hash returned by skb_get_hash() can lead to problems related to the fact that 'int hash' is a negative number when the MSB is set. In the case of hash threshold nexthop groups, nexthop_select_path_hthr() will disproportionately select the first nexthop group entry. In the case of ... • https://git.kernel.org/stable/c/1274e1cc42264d4e629841e4f182795cb0becfd2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53191 – irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
https://notcve.org/view.php?id=CVE-2023-53191
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains of_irq_find_parent() returns a node pointer with refcount increm... • https://git.kernel.org/stable/c/e6b78f2c3e14a9e3a909be3e6ec305d9f1cbabbd •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53190 – vxlan: Fix memory leaks in error path
https://notcve.org/view.php?id=CVE-2023-53190
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix memory leaks in error path The memory allocated by vxlan_vnigroup_init() is not freed in the error path, leading to memory leaks [1]. Fix by calling vxlan_vnigroup_uninit() in the error path. The leaks can be reproduced by annotating gro_cells_init() with ALLOW_ERROR_INJECTION() and then running: # echo "100" > /sys/kernel/debug/fail_function/probability # echo "1" > /sys/kernel/debug/fail_function/times # echo "gro_cells_init" >... • https://git.kernel.org/stable/c/f9c4bb0b245cee35ef66f75bf409c9573d934cf9 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-53189 – ipv6/addrconf: fix a potential refcount underflow for idev
https://notcve.org/view.php?id=CVE-2023-53189
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconf_mod_rs_timer(), reference idev depends on whether rs_timer is not pending. Then modify rs_timer timeout. There is a time gap in [1], during which if the pending rs_timer becomes not pending. It will miss to hold idev, but the rs_timer is activated. Thus rs_timer callback function addrconf_rs_timer() will be executed and put idev later without holding idev. • https://git.kernel.org/stable/c/b7b1bfce0bb68bd8f6e62a28295922785cc63781 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53188 – net: openvswitch: fix race on port output
https://notcve.org/view.php?id=CVE-2023-53188
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows 2. two network namespaces "server" and "client" 3. two ovs interfaces "server" and "client" on the bridge 4. for each ovs interface a veth pair with a matching name and 32 rx and tx queues 5. move the ends of the veth pairs to the respective network namespaces 6. assign ip addresses to each o... • https://git.kernel.org/stable/c/7f8a436eaa2c3ddd8e1ff2fbca267e6275085536 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-53187 – btrfs: fix use-after-free of new block group that became unused
https://notcve.org/view.php?id=CVE-2023-53187
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes unused before we finish its creation, at btrfs_create_pending_block_groups(), then when btrfs_mark_bg_unused() is called against the block group, we assume that the block group is currently in the list of block groups to reclaim, and we move it out of the list of new block groups and into the list of unused block ... • https://git.kernel.org/stable/c/edf3b5aadb2515c808200b904baa5b70a727f0ac •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53186 – skbuff: Fix a race between coalescing and releasing SKBs
https://notcve.org/view.php?id=CVE-2023-53186
15 Sep 2025 — In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 ("skbuff: fix coalescing for page_pool fragment recycling") allowed coalescing to proceed with non page pool page and page pool page when @from is cloned, i.e. to->pp_recycle --> false from->pp_recycle --> true skb_cloned(from) --> true However, it actually requires skb_cloned(@from) to hold true until coalescing finishes in this situation. If the other cloned SKB ... • https://git.kernel.org/stable/c/53e0961da1c7bbdabd1abebb20de403ec237ec09 • CWE-416: Use After Free •