linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53763 | — | < 6.1.53 | 6.1.53 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type '__le32[923]' | ||
| CVE-2023-53762 | — | >= 5.17.0, < 6.4.16 | 6.4.16 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync Use-after-free can occur in hci_disconnect_all_sync if a connection is deleted by concurrent processing of a controller event. To prevent this the code n | ||
| CVE-2023-53761 | — | >= 4.20.0, < 5.4.244 | 5.4.244 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check tha | ||
| CVE-2023-53760 | — | >= 6.3.0, < 6.3.3 | 6.3.3 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq->cq_lock deadlock issue When ufshcd_err_handler() is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcd_handle_mcq_cq_events() and also in | ||
| CVE-2023-53759 | — | >= 5.17.0, < 6.1.37 | 6.1.37 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidraw_open() function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data rac | ||
| CVE-2023-53758 | — | >= 6.0.0, < 6.1.28 | 6.1.28 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit in atmel_qspi_remove() doesn't prevent the device unbind. So this results in an spi controller with an unbound p | ||
| CVE-2023-53757 | — | >= 4.13.0, < 4.14.308 | 4.14.308 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_nod | ||
| CVE-2023-53756 | — | >= 4.18.0, < 5.10.175 | 5.10.175 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs_touch_m | ||
| CVE-2023-53755 | — | >= 5.18.0, < 6.1.16 | 6.1.16 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the | ||
| CVE-2023-53754 | — | >= 4.17.0, < 5.4.243 | 5.4.243 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns false, drbl_regs_memmap_p is not remapped. This passes a NULL pointer to | ||
| CVE-2023-53753 | — | >= 4.15.0, < 6.1.16 | 6.1.16 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. [How] Patch correct numbers | ||
| CVE-2023-53752 | — | < 6.1.54 | 6.1.54 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size); if (ptr) size = ksize(ptr); size = kmalloc_size_roundup(size); ptr = kmalloc(size); This | ||
| CVE-2023-53751 | — | >= 5.0.0, < 6.1.28 | 6.1.28 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then p | ||
| CVE-2023-53750 | — | >= 6.2.0, < 6.3.13 | 6.3.13 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when num_configs is 1 The config passed in by pad wakeup is 1, when num_configs is 1, Configuration [1] should not be fetched, which will be detected by KASAN as a | ||
| CVE-2023-53748 | — | >= 4.10.0, < 6.1.30 | 6.1.30 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup variable *nplanes is provided by user via system call argument. The possible value of q_data->fmt->num_planes is 1-3, while the | ||
| CVE-2023-53747 | — | >= 2.6.38, < 4.14.327 | 4.14.327 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF After a call to console_unlock() in vcs_write() the vc_data struct can be freed by vc_port_destruct(). Because of that, the struct vc | ||
| CVE-2023-53746 | — | >= 4.20.0, < 5.4.240 | 5.4.240 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfio_ap device driver The device release callback function invoked to release the matrix device uses the dev_get_drvdata(device *dev) function to retrieve the pointer to the vfi | ||
| CVE-2023-53745 | — | >= 4.17.0, < 4.19.276 | 4.19.276 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vector_config If the return value of the uml_parse_vector_ifspec function is NULL, we should call kfree(params) to prevent memory leak. | ||
| CVE-2023-53744 | — | >= 5.2.0, < 5.10.180 | 5.10.180 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths. | ||
| CVE-2023-53743 | — | < 6.1.53 | 6.1.53 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Free released resource after coalescing release_resource() doesn't actually free the resource or resource list entry so free the resource list entry to avoid a leak. |
- CVE-2023-53763Dec 8, 2025affected < 6.1.53fixed 6.1.53
In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type '__le32[923]'
- CVE-2023-53762Dec 8, 2025affected >= 5.17.0, < 6.4.16fixed 6.4.16
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync Use-after-free can occur in hci_disconnect_all_sync if a connection is deleted by concurrent processing of a controller event. To prevent this the code n
- CVE-2023-53761Dec 8, 2025affected >= 4.20.0, < 5.4.244fixed 5.4.244
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check tha
- CVE-2023-53760Dec 8, 2025affected >= 6.3.0, < 6.3.3fixed 6.3.3
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq->cq_lock deadlock issue When ufshcd_err_handler() is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcd_handle_mcq_cq_events() and also in
- CVE-2023-53759Dec 8, 2025affected >= 5.17.0, < 6.1.37fixed 6.1.37
In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidraw_open() function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data rac
- CVE-2023-53758Dec 8, 2025affected >= 6.0.0, < 6.1.28fixed 6.1.28
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit in atmel_qspi_remove() doesn't prevent the device unbind. So this results in an spi controller with an unbound p
- CVE-2023-53757Dec 8, 2025affected >= 4.13.0, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_nod
- CVE-2023-53756Dec 8, 2025affected >= 4.18.0, < 5.10.175fixed 5.10.175
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs_touch_m
- CVE-2023-53755Dec 8, 2025affected >= 5.18.0, < 6.1.16fixed 6.1.16
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the
- CVE-2023-53754Dec 8, 2025affected >= 4.17.0, < 5.4.243fixed 5.4.243
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns false, drbl_regs_memmap_p is not remapped. This passes a NULL pointer to
- CVE-2023-53753Dec 8, 2025affected >= 4.15.0, < 6.1.16fixed 6.1.16
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. [How] Patch correct numbers
- CVE-2023-53752Dec 8, 2025affected < 6.1.54fixed 6.1.54
In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size); if (ptr) size = ksize(ptr); size = kmalloc_size_roundup(size); ptr = kmalloc(size); This
- CVE-2023-53751Dec 8, 2025affected >= 5.0.0, < 6.1.28fixed 6.1.28
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then p
- CVE-2023-53750Dec 8, 2025affected >= 6.2.0, < 6.3.13fixed 6.3.13
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when num_configs is 1 The config passed in by pad wakeup is 1, when num_configs is 1, Configuration [1] should not be fetched, which will be detected by KASAN as a
- CVE-2023-53748Dec 8, 2025affected >= 4.10.0, < 6.1.30fixed 6.1.30
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup variable *nplanes is provided by user via system call argument. The possible value of q_data->fmt->num_planes is 1-3, while the
- CVE-2023-53747Dec 8, 2025affected >= 2.6.38, < 4.14.327fixed 4.14.327
In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF After a call to console_unlock() in vcs_write() the vc_data struct can be freed by vc_port_destruct(). Because of that, the struct vc
- CVE-2023-53746Dec 8, 2025affected >= 4.20.0, < 5.4.240fixed 5.4.240
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfio_ap device driver The device release callback function invoked to release the matrix device uses the dev_get_drvdata(device *dev) function to retrieve the pointer to the vfi
- CVE-2023-53745Dec 8, 2025affected >= 4.17.0, < 4.19.276fixed 4.19.276
In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vector_config If the return value of the uml_parse_vector_ifspec function is NULL, we should call kfree(params) to prevent memory leak.
- CVE-2023-53744Dec 8, 2025affected >= 5.2.0, < 5.10.180fixed 5.10.180
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths.
- CVE-2023-53743Dec 8, 2025affected < 6.1.53fixed 6.1.53
In the Linux kernel, the following vulnerability has been resolved: PCI: Free released resource after coalescing release_resource() doesn't actually free the resource or resource list entry so free the resource list entry to avoid a leak.
Page 66 of 88