CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-53719 – serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
https://notcve.org/view.php?id=CVE-2023-53719
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_probe(), if uart_add_one_port() fails, port->membase is not released, which would cause a resource leak. To fix this, I replace of_iomap with devm_platform_ioremap_resource. In the Linux kernel, the following vulnerability has been resol... • https://git.kernel.org/stable/c/8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53718 – ring-buffer: Do not swap cpu_buffer during resize process
https://notcve.org/view.php?id=CVE-2023-53718
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will result in oops. This issue can be easily reproduced using the following two scripts: /tmp # cat test1.sh //#! /bin/sh for i in `seq 0 100000` do echo 2000 > /sys/kernel/debug/tracing/buffer_size_kb sleep 0.5 echo... • https://git.kernel.org/stable/c/66a3b2a121386702663065d5c9e5a33c03d3f4a2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53717 – wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()
https://notcve.org/view.php?id=CVE-2023-53717
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wmi_cmd(). The callback writes to wmi->cmd_rsp_buf, a stack-allocated buffer that could no longer be valid when a timeout occurs. Set wmi->last_seq_id to 0 when a timeout occurred. Found by a modified version of syzkaller. BUG: KASAN: s... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53716 – net: fix skb leak in __skb_tstamp_tx()
https://notcve.org/view.php?id=CVE-2023-53716
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in __skb_tstamp_tx() Commit 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.") added a call to skb_orphan_frags_rx() to fix leaks with zerocopy skbs. But it ended up adding a leak of its own. When skb_orphan_frags_rx() fails, the function just returns, leaking the skb it just cloned. Free it before returning. This bug was discovered and resolved using Coverity Static Analysis Security Testing... • https://git.kernel.org/stable/c/281072fb2a7294cde7acbf5375b879f40a8001b7 •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-53715 – wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
https://notcve.org/view.php?id=CVE-2023-53715
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in binary all along, so use that and avoid the hexification. OpenBSD has been doing it like this from the beginning, so this should work on all chips. Also clear the structure before setting the PMK. • https://git.kernel.org/stable/c/1687845eb8f37360a9ee849a3587ab659b090773 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53714 – drm/stm: ltdc: fix late dereference check
https://notcve.org/view.php?id=CVE-2023-53714
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check 'crtc' (see line 1119) In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check I... • https://git.kernel.org/stable/c/340dba127bbed51e8425cd8e097aacfadd175462 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53713 – arm64: sme: Use STR P to clear FFR context field in streaming SVE mode
https://notcve.org/view.php?id=CVE-2023-53713
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the SVE state in streaming SVE mode, the FFR register is inaccessible and so commit 9f5848665788 ("arm64/sve: Make access to FFR optional") simply clears the FFR field of the in-memory context structure. Unfortunately, it achieves this u... • https://git.kernel.org/stable/c/9f5848665788a0f07bc175cb2cdd06d367b7556e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-53712 – ARM: 9317/1: kexec: Make smp stop calls asynchronous
https://notcve.org/view.php?id=CVE-2023-53712
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on function calls from softirq context") this call should not be made synchronous with disabled interrupts: softdog: Initiating panic Kernel panic - not syncing: Software Watchdog Timer expired WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp... • https://git.kernel.org/stable/c/46870eea5496ff277e86187a49ac5a667cfe60c4 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-53711 – NFS: Fix a potential data corruption
https://notcve.org/view.php?id=CVE-2023-53711
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we still need to add it back to the retransmission list. Add a call that mirrors the effect of nfs_cancel_remove_inode() for O_DIRECT. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potenti... • https://git.kernel.org/stable/c/ed5d588fe47feef290f271022820e255d8371561 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-53710 – wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read
https://notcve.org/view.php?id=CVE-2023-53710
22 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read Kernel NULL pointer dereference when ACPI SAR table isn't implemented well. Fix the error code of return to mark the ACPI SAR table as invalid. [ 5.077128] mt7921e 0000:06:00.0: sar cnt = 0 [ 5.077381] BUG: kernel NULL pointer dereference, address: 0000000000000004 [ 5.077630] #PF: supervisor read access in kernel mode [ 5.077883] #PF: error_code(0x0000) - not-present page [ 5... • https://git.kernel.org/stable/c/f965333e491e36adb0fa91e389fba8685b704fb6 •