linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53864 | — | >= 5.19.0, < 6.1.54 | 6.1.54 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() When disabling overlay plane in mxsfb_plane_overlay_atomic_update(), overlay plane's framebuffer pointer is NULL. So, dereferencing it w | ||
| CVE-2023-53863 | — | >= 3.5.0, < 4.14.322 | 4.14.322 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of a device where dev->addr | ||
| CVE-2023-53862 | — | >= 2.6.12, < 4.14.308 | 4.14.308 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfs_bnode_get() in __hfs_bnode_create Syzbot found a kernel BUG in hfs_bnode_put(): kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kwor | ||
| CVE-2023-53861 | — | < 5.10.195 | 5.10.195 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check. | ||
| CVE-2023-53860 | — | >= 5.19.0, < 6.1.55 | 6.1.55 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked REQ_NOWAIT, it's fine to attempt to submit that IO whi | ||
| CVE-2023-53859 | — | >= 5.9.0, < 5.15.99 | 5.15.99 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr linux-next commit ("cpuidle: tracing: Warn about !rcu_is_watching()") adds a new warning which hits on s390's arch_cpu_idle() function: RCU not on for: arch_cpu_idle+0x0 | ||
| CVE-2023-53858 | — | >= 3.3.0, < 4.14.322 | 4.14.322 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. | ||
| CVE-2023-53857 | — | >= 5.18.0, < 6.5.4 | 6.5.4 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.137569] ============================= [ 27.138122] [ BUG: Invalid wait context ] [ | ||
| CVE-2023-53856 | — | >= 4.15.0, < 5.15.132 | 5.15.132 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call of_changeset_init() early When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state | ||
| CVE-2023-53855 | — | >= 5.12.0, < 6.1.46 | 6.1.46 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2 | ||
| CVE-2023-53854 | — | >= 6.0.0, < 6.1.30 | 6.1.30 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver tha | ||
| CVE-2023-53853 | — | >= 3.12.0, < 4.14.316 | 4.14.316 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk->cb_running Both netlink_recvmsg() and netlink_native_seq_show() read nlk->cb_running locklessly. Use READ_ONCE() there. Add corresponding WRITE_ONCE() to netlink_dump() and _ | ||
| CVE-2023-53852 | — | >= 6.0.0, < 6.1.39 | 6.1.39 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "chec | ||
| CVE-2023-53851 | — | >= 6.1.0, < 6.3.13 | 6.3.13 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But | ||
| CVE-2023-53850 | — | >= 4.15.0, < 6.1.42 | 6.1.42 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_ | ||
| CVE-2023-53849 | — | >= 3.15.0, < 6.1.29 | 6.1.29 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind (e.g. a subcomponent failing to bind). Since commit c3b790ea07a1 ("drm: Manage drm_mode_co | ||
| CVE-2023-53848 | — | >= 6.0.0, < 6.1.53 | 6.1.53 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&lo | ||
| CVE-2023-53847 | — | >= 2.6.16, < 4.14.323 | 4.14.323 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_tran | ||
| CVE-2023-53846 | — | >= 3.8.0, < 6.4.10 | 6.4.10 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at a | ||
| CVE-2023-53845 | — | >= 2.6.30, < 4.14.315 | 4.14.315 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfs_mdt_get_block() If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfs_bmap_lookup_at_lev |
- CVE-2023-53864Dec 9, 2025affected >= 5.19.0, < 6.1.54fixed 6.1.54
In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() When disabling overlay plane in mxsfb_plane_overlay_atomic_update(), overlay plane's framebuffer pointer is NULL. So, dereferencing it w
- CVE-2023-53863Dec 9, 2025affected >= 3.5.0, < 4.14.322fixed 4.14.322
In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of a device where dev->addr
- CVE-2023-53862Dec 9, 2025affected >= 2.6.12, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfs_bnode_get() in __hfs_bnode_create Syzbot found a kernel BUG in hfs_bnode_put(): kernel BUG at fs/hfs/bnode.c:466! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 3634 Comm: kwor
- CVE-2023-53861Dec 9, 2025affected < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check.
- CVE-2023-53860Dec 9, 2025affected >= 5.19.0, < 6.1.55fixed 6.1.55
In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked REQ_NOWAIT, it's fine to attempt to submit that IO whi
- CVE-2023-53859Dec 9, 2025affected >= 5.9.0, < 5.15.99fixed 5.15.99
In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr linux-next commit ("cpuidle: tracing: Warn about !rcu_is_watching()") adds a new warning which hits on s390's arch_cpu_idle() function: RCU not on for: arch_cpu_idle+0x0
- CVE-2023-53858Dec 9, 2025affected >= 3.3.0, < 4.14.322fixed 4.14.322
In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed.
- CVE-2023-53857Dec 9, 2025affected >= 5.18.0, < 6.5.4fixed 6.5.4
In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.137569] ============================= [ 27.138122] [ BUG: Invalid wait context ] [
- CVE-2023-53856Dec 9, 2025affected >= 4.15.0, < 5.15.132fixed 5.15.132
In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call of_changeset_init() early When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state
- CVE-2023-53855Dec 9, 2025affected >= 5.12.0, < 6.1.46fixed 6.1.46
In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2
- CVE-2023-53854Dec 9, 2025affected >= 6.0.0, < 6.1.30fixed 6.1.30
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver tha
- CVE-2023-53853Dec 9, 2025affected >= 3.12.0, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk->cb_running Both netlink_recvmsg() and netlink_native_seq_show() read nlk->cb_running locklessly. Use READ_ONCE() there. Add corresponding WRITE_ONCE() to netlink_dump() and _
- CVE-2023-53852Dec 9, 2025affected >= 6.0.0, < 6.1.39fixed 6.1.39
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "chec
- CVE-2023-53851Dec 9, 2025affected >= 6.1.0, < 6.3.13fixed 6.3.13
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But
- CVE-2023-53850Dec 9, 2025affected >= 4.15.0, < 6.1.42fixed 6.1.42
In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_
- CVE-2023-53849Dec 9, 2025affected >= 3.15.0, < 6.1.29fixed 6.1.29
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind (e.g. a subcomponent failing to bind). Since commit c3b790ea07a1 ("drm: Manage drm_mode_co
- CVE-2023-53848Dec 9, 2025affected >= 6.0.0, < 6.1.53fixed 6.1.53
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&lo
- CVE-2023-53847Dec 9, 2025affected >= 2.6.16, < 4.14.323fixed 4.14.323
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_tran
- CVE-2023-53846Dec 9, 2025affected >= 3.8.0, < 6.4.10fixed 6.4.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at a
- CVE-2023-53845Dec 9, 2025affected >= 2.6.30, < 4.14.315fixed 4.14.315
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfs_mdt_get_block() If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfs_bmap_lookup_at_lev
Page 59 of 88