linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53730 | — | >= 5.10.0, < 5.10.188 | 5.10.188 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabl | ||
| CVE-2023-53729 | — | >= 4.16.0, < 4.19.295 | 4.19.295 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAX_LEN + 1. If a string is actually MAX_LE | ||
| CVE-2023-53728 | — | >= 3.10.0, < 4.14.322 | 4.14.322 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posix_timer_add() tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in | ||
| CVE-2023-53727 | — | >= 5.6.0, < 5.10.195 | 5.10.195 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: avoid stalls in fq_pie_timer() When setting a high number of flows (limit being 65536), fq_pie_timer() is currently using too much time as syzbot reported. Add logic to yield the cpu every 2 | ||
| CVE-2023-53726 | — | >= 5.6.0, < 5.10.195 | 5.10.195 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c ("arm64: csum: Fix pathological zero-length calls") added an early return for zero-length input, syzkaller has p | ||
| CVE-2023-53725 | — | >= 3.10.0, < 4.19.291 | 4.19.291 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 49 | ||
| CVE-2023-53724 | — | >= 2.6.29, < 4.14.308 | 4.14.308 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(), but adc_enqueue_request() could fail to insert the `req` into queue. We need to check the r | ||
| CVE-2023-53723 | — | >= 4.2.0, < 5.4.243 | 5.4.243 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini, driver unconditionally disables ecc_irq which is only enabled on those | ||
| CVE-2023-53722 | — | >= 3.3.0, < 4.14.326 | 4.14.326 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows | ||
| CVE-2023-53721 | — | >= 6.3.0, < 6.5.5 | 6.5.5 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan() In ath12k_mac_op_hw_scan(), the return value of kzalloc() is directly used in memcpy(), which may lead to a NULL pointer dereference on fa | ||
| CVE-2023-53720 | — | >= 6.3.0, < 6.3.2 | 6.3.2 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Release the label when replacing existing ct entry Cited commit doesn't release the label mapping when replacing existing ct entry which leads to following memleak report: unreferenced object 0xffff | ||
| CVE-2023-53719 | — | >= 3.17.0, < 4.19.284 | 4.19.284 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_p | ||
| CVE-2023-53718 | — | >= 3.5.0, < 5.10.192 | 5.10.192 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in | ||
| CVE-2023-53717 | — | >= 2.6.35, < 4.14.308 | 4.14.308 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm | ||
| CVE-2023-53716 | — | >= 4.14.315, < 4.14.316 | 4.14.316 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in __skb_tstamp_tx() Commit 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.") added a call to skb_orphan_frags_rx() to fix leaks with zerocopy skbs. But it ende | ||
| CVE-2023-53715 | — | >= 4.13.0, < 4.14.316 | 4.14.316 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin | ||
| CVE-2023-53714 | — | >= 5.18.0, < 6.1.47 | 6.1.47 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning: | ||
| CVE-2023-53713 | — | >= 5.16.0, < 6.1.39 | 6.1.39 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the | ||
| CVE-2023-53712 | — | >= 2.6.38, < 5.15.133 | 5.15.133 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on fun | ||
| CVE-2023-53711 | — | >= 5.7.0, < 5.10.195 | 5.10.195 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it sy |
- CVE-2023-53730Oct 22, 2025affected >= 5.10.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabl
- CVE-2023-53729Oct 22, 2025affected >= 4.16.0, < 4.19.295fixed 4.19.295
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAX_LEN + 1. If a string is actually MAX_LE
- CVE-2023-53728Oct 22, 2025affected >= 3.10.0, < 4.14.322fixed 4.14.322
In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posix_timer_add() tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in
- CVE-2023-53727Oct 22, 2025affected >= 5.6.0, < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: avoid stalls in fq_pie_timer() When setting a high number of flows (limit being 65536), fq_pie_timer() is currently using too much time as syzbot reported. Add logic to yield the cpu every 2
- CVE-2023-53726Oct 22, 2025affected >= 5.6.0, < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c ("arm64: csum: Fix pathological zero-length calls") added an early return for zero-length input, syzkaller has p
- CVE-2023-53725Oct 22, 2025affected >= 3.10.0, < 4.19.291fixed 4.19.291
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 49
- CVE-2023-53724Oct 22, 2025affected >= 2.6.29, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(), but adc_enqueue_request() could fail to insert the `req` into queue. We need to check the r
- CVE-2023-53723Oct 22, 2025affected >= 4.2.0, < 5.4.243fixed 5.4.243
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini, driver unconditionally disables ecc_irq which is only enabled on those
- CVE-2023-53722Oct 22, 2025affected >= 3.3.0, < 4.14.326fixed 4.14.326
In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows
- CVE-2023-53721Oct 22, 2025affected >= 6.3.0, < 6.5.5fixed 6.5.5
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan() In ath12k_mac_op_hw_scan(), the return value of kzalloc() is directly used in memcpy(), which may lead to a NULL pointer dereference on fa
- CVE-2023-53720Oct 22, 2025affected >= 6.3.0, < 6.3.2fixed 6.3.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Release the label when replacing existing ct entry Cited commit doesn't release the label mapping when replacing existing ct entry which leads to following memleak report: unreferenced object 0xffff
- CVE-2023-53719Oct 22, 2025affected >= 3.17.0, < 4.19.284fixed 4.19.284
In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_p
- CVE-2023-53718Oct 22, 2025affected >= 3.5.0, < 5.10.192fixed 5.10.192
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in
- CVE-2023-53717Oct 22, 2025affected >= 2.6.35, < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm
- CVE-2023-53716Oct 22, 2025affected >= 4.14.315, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in __skb_tstamp_tx() Commit 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.") added a call to skb_orphan_frags_rx() to fix leaks with zerocopy skbs. But it ende
- CVE-2023-53715Oct 22, 2025affected >= 4.13.0, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin
- CVE-2023-53714Oct 22, 2025affected >= 5.18.0, < 6.1.47fixed 6.1.47
In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic. Fix this smatch warning:
- CVE-2023-53713Oct 22, 2025affected >= 5.16.0, < 6.1.39fixed 6.1.39
In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the
- CVE-2023-53712Oct 22, 2025affected >= 2.6.38, < 5.15.133fixed 5.15.133
In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on fun
- CVE-2023-53711Oct 22, 2025affected >= 5.7.0, < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it sy
Page 83 of 88