CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53482 – iommu: Fix error unwind in iommu_group_alloc()
https://notcve.org/view.php?id=CVE-2023-53482
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iommu: Fix error unwind in iommu_group_alloc() If either iommu_group_grate_file() fails then the iommu_group is leaked. Destroy it on these error paths. Found by kselftest/iommu/iommufd_fail_nth In the Linux kernel, the following vulnerability has been resolved: iommu: Fix error unwind in iommu_group_alloc() If either iommu_group_grate_file() fails then the iommu_group is leaked. Destroy it on these error paths. Found by kselftest/iommu/iom... • https://git.kernel.org/stable/c/bc7d12b91bd35477fd650c4d72b61239de9d9066 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53481 – ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
https://notcve.org/view.php?id=CVE-2023-53481
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed Following process will trigger an infinite loop in ubi_wl_put_peb(): ubifs_bgt ubi_bgt ubifs_leb_unmap ubi_leb_unmap ubi_eba_unmap_leb ubi_wl_put_peb wear_leveling_worker e1 = rb_entry(rb_first(&ubi->used) e2 = get_peb_for_wl(ubi) ubi_io_read_vid_hdr // return err (flash fault) out_error: ubi->move_from = ubi->move_to = NULL wl_entry_destroy(ubi, e1) ubi->lookuptbl[e->pnu... • https://git.kernel.org/stable/c/43f9b25a9cdd7b177f77f026b1461abd1abbd174 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53480 – kobject: Add sanity check for kset->kobj.ktype in kset_register()
https://notcve.org/view.php?id=CVE-2023-53480
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: kobject: Add sanity check for kset->kobj.ktype in kset_register() When I register a kset in the following way: static struct kset my_kset; kobject_set_name(&my_kset.kobj, "my_kset"); ret = kset_register(&my_kset); A null pointer dereference exception is occurred: [ 4453.568337] Unable to handle kernel NULL pointer dereference at \ virtual address 0000000000000028 ... ... [ 4453.810361] Call trace: [ 4453.813062] kobject_get_ownership+0xc/0x... • https://git.kernel.org/stable/c/5f81880d5204ee2388fd9a75bb850ccd526885b7 •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53477 – ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
https://notcve.org/view.php?id=CVE-2023-53477
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation In function rt6_nlmsg_size(), the length of nexthop is calculated by multipling the nexthop length of fib6_info and the number of siblings. However if the fib6_info has no lwtunnel but the siblings have lwtunnels, the nexthop length is less than it should be, and it will trigger a warning in inet6_rt_notify() as follows: WARNING: CPU: 0 PID: 6082 at net/ipv6/route.c:6180 i... • https://git.kernel.org/stable/c/beb1afac518dec5a15dc92ba8f0ca016dcf457b4 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53476 – iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
https://notcve.org/view.php?id=CVE-2023-53476
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep". The problem is that "epcp" has been re-assigned so just testing "if (epcp->state == LISTEN) {" a second time is not sufficient. In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL derefe... • https://git.kernel.org/stable/c/116aeb8873712ea559d26b0d9d88147af5c88db5 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-53472 – pwm: lpc32xx: Remove handling of PWM channels
https://notcve.org/view.php?id=CVE-2023-53472
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm value is always 0. On basis of this fact simplify the code by removing operations with pwm->hwpwm, there is no controls which require channel number as input. Even though I wasn't aware at the time when I forward ported that patch, th... • https://git.kernel.org/stable/c/bb4de81eb940e7027f37a6fd3b7ddcb4403deb56 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53471 – drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras
https://notcve.org/view.php?id=CVE-2023-53471
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert. So in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_error_irq should be executed under such condition, otherwise, an amdgpu_irq_put calltrace will occur. [ 7283.170322] RIP: 0010:amdgpu_irq_put+0x45/0x70 [amdgpu] [ 7283.170964] RSP: 0018:ffff9a5fc3967d00 EFLAGS: 00010246 [ 7283.170967] RAX... • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-53468 – ubifs: Fix memory leak in alloc_wbufs()
https://notcve.org/view.php?id=CVE-2023-53468
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297119604 (age 20.383s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53458 – media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish()
https://notcve.org/view.php?id=CVE-2023-53458
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish() When the driver calls cx23885_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a empty buffer risc->cpu. Later when we free the buffer or access the buffer, null ptr deref is triggered. This bug is similar to the following one: https://git.linuxtv.org/media_stage.git/commit/?id=2b064d91440b33fba5b452f2d1b31f13ae91... • https://git.kernel.org/stable/c/4d63a25c4523b5d18e5307897d56aff785f43bf5 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53457 – FS: JFS: Fix null-ptr-deref Read in txBegin
https://notcve.org/view.php?id=CVE-2023-53457
01 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fix null-ptr-deref Read in txBegin Syzkaller reported an issue where txBegin may be called on a superblock in a read-only mounted filesystem which leads to NULL pointer deref. This could be solved by checking if the filesystem is read-only before calling txBegin, and returning with appropiate error code. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated wit... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •