CVSS: 7.1 • EPSS: 0% • CPEs: 9 • EXPL: 0 • CVE-2022-50489 – drm/mipi-dsi: Detach devices when removing the host
https://notcve.org/view.php?id=CVE-2022-50489
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregister() loops over every device currently found on that bus and will unregister it. However, it doesn't detach it from the bus first, which leads to all kind of resource leaks if the host wants to perform some clean up whenever a device is detached. • https://git.kernel.org/stable/c/068a00233969833f1ba925e7627797489efd6041 • CWE-459: Incomplete Cleanup •
CVSS: 6.0 • EPSS: 0% • CPEs: 8 • EXPL: 0 • CVE-2022-50488 – block, bfq: fix possible uaf for 'bfqq->bic'
https://notcve.org/view.php?id=CVE-2022-50488
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x378/0xa30 CPU: 6 PID: 2318352 Comm: fsstress Kdump: loaded Not tainted 5.10.0-60.18.0.50.h602.kasan.eulerosv2r11.x86_64 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58-20220320_160524-szxrtosci10000 ... • https://git.kernel.org/stable/c/4dfc12f8c94c8052e975060f595938f75e8b7165 • CWE-826: Premature Release of Resource During Expected Lifetime •
CVSS: 5.5 • EPSS: 0% • CPEs: 6 • EXPL: 0 • CVE-2023-53579 – gpio: mvebu: fix irq domain leak
https://notcve.org/view.php?id=CVE-2023-53579
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action. The ... • https://git.kernel.org/stable/c/812d47889a8e418d7bea9bec383581a34c19183e •
CVSS: 7.1 • EPSS: 0% • CPEs: 5 • EXPL: 0 • CVE-2023-53578 – net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
https://notcve.org/view.php?id=CVE-2023-53578
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230 qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230 qrtr_endpoint_post+0xf85/0x11b0 net/qrtr/af_qrtr.c:519 qrtr_tun_write_iter+0x270/0x400 net/qrtr/tun.c:108 call_write_iter include/linux/fs.h:2189 [inline] aio_wr... • https://git.kernel.org/stable/c/5fdeb0d372ab33b4175043a2a4a1730239a217f1 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2023-53577 – bpf, cpumap: Make sure kthread is running before map update returns
https://notcve.org/view.php?id=CVE-2023-53577
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ------------[ cut here ]------------ WARNING: CPU: 4 PID: 65 at kernel/bpf/cpumap.c:135 CPU: 4 PID: 65 Comm: kworker/4:1 Not tainted 6.5.0-rc2+ #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Workqueue: events cpu_map_kthread_stop RIP: 0010:put_cpu_map_entry+0... • https://git.kernel.org/stable/c/6710e1126934d8b4372b4d2f9ae1646cd3f151bf • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5 • EPSS: 0% • CPEs: 5 • EXPL: 0 • CVE-2023-53576 – null_blk: Always check queue mode setting from configfs
https://notcve.org/view.php?id=CVE-2023-53576
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf() and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is set to 1 from configfs, following are repro steps :- modprobe null_blk nr_devices=0 mkdir config/nullb/nullb0 echo 1 > config/nullb/nullb0/memory_backed echo 4096 > config/nullb/nullb0/blocksize echo 20480 >... • https://git.kernel.org/stable/c/e50b1e327aeb4b224364aa6f85c1713ff8b3654b • CWE-1288: Improper Validation of Consistency within Input •
CVSS: 5.5 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2023-53574 – wifi: rtw88: delete timer and free skb queue when unloading
https://notcve.org/view.php?id=CVE-2023-53574
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section in the latter by freeing COEX queue out of TX report lock scope. • https://git.kernel.org/stable/c/e3037485c68ec1a299ff41160d8fedbd4abc29b9 •
CVSS: 5.5 • EPSS: 0% • CPEs: 6 • EXPL: 0 • CVE-2023-53571 – drm/i915: Make intel_get_crtc_new_encoder() less oopsy
https://notcve.org/view.php?id=CVE-2023-53571
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intel_get_crtc_new_encoder() less oopsy The point of the WARN was to print something, not oops straight up. Currently that is precisely what happens if we can't find the connector for the crtc in the atomic state. Get the dev pointer from the atomic state instead of the potentially NULL encoder to avoid that. (cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c) • https://git.kernel.org/stable/c/3a47ae201e074945bbde0b088e4c1215c07f4d75 •
CVSS: 7.1 • EPSS: 0% • CPEs: 8 • EXPL: 0 • CVE-2023-53569 – ext2: Check block size validity during mount
https://notcve.org/view.php?id=CVE-2023-53569
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validity during mount Check that log of block size stored in the superblock has sensible value. Otherwise the shift computing the block size can overflow leading to undefined behavior. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5 • EPSS: 0% • CPEs: 6 • EXPL: 0 • CVE-2023-53568 – s390/zcrypt: don't leak memory if dev_set_name() fails
https://notcve.org/view.php?id=CVE-2023-53568
04 Oct 2025 — In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources. Do it. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security ... • https://git.kernel.org/stable/c/00fab2350e6b91e57b3cdcd5d9f01056775a921d • CWE-772: Missing Release of Resource after Effective Lifetime •
