linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53710 | — | >= 6.0.0, < 6.1.16 | 6.1.16 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read Kernel NULL pointer dereference when ACPI SAR table isn't implemented well. Fix the error code of return to mark the ACPI SAR table as invalid. | ||
| CVE-2023-53709 | — | >= 5.7.0, < 5.10.173 | 5.10.173 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity check. That is, RB_FLAG of head_page is been updating, while at same time RB_FLAG | ||
| CVE-2023-53708 | — | >= 5.11.0, < 5.15.133 | 5.15.133 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explic | ||
| CVE-2023-53707 | — | >= 4.2.0, < 6.1.47 | 6.1.47 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause unini | ||
| CVE-2023-53706 | — | >= 5.19.0, < 6.3.5 | 6.3.5 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef9 ("mm/sparse-vmemmap: improve memory savings for compound devmaps") added support for using optimized vmmemap for devdax device | ||
| CVE-2023-53705 | — | >= 2.6.19, < 4.14.316 | 4.14.316 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri | ||
| CVE-2023-53704 | — | >= 5.6.0, < 5.10.188 | 5.10.188 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() Replace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc() which can automatically release the related memory when the device | ||
| CVE-2023-53703 | — | >= 6.0.0, < 6.1.40 | 6.1.40 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... [ 6.120512] UBS | ||
| CVE-2023-53702 | — | >= 5.19.0, < 6.1.30 | 6.1.30 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for ChaCha20") added a library interface to the s390 specific ChaCha20 imple | ||
| CVE-2023-53700 | — | >= 5.9.0, < 5.10.173 | 5.10.173 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register() There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) un | ||
| CVE-2023-53699 | — | >= 5.3.0, < 5.15.121 | 5.15.121 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: riscv: move memblock_allow_resize() after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through | ||
| CVE-2023-53698 | — | < 5.15.127 | 5.15.127 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xp_alloc_tx_descs() fails, and it can only fail due to no | ||
| CVE-2023-53697 | — | >= 5.18.0, < 6.1.53 | 6.1.53 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in function 'register_nvdimm_pmu' and is lost after 'kfree(nd_pmu)' call in function 'u | ||
| CVE-2023-53696 | — | >= 4.16.0, < 5.15.107 | 5.15.107 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age | ||
| CVE-2023-53695 | — | >= 3.18.0, < 4.19.278 | 4.19.278 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the f | ||
| CVE-2023-53694 | — | >= 5.12.0, < 6.1.23 | 6.1.23 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a jump that jumps to an address over 4K. This may cause errors if we want to enable | ||
| CVE-2023-53693 | — | >= 5.7.0, < 5.10.190 | 5.10.190 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigg | ||
| CVE-2023-53692 | — | < 4.19.271 | 4.19.271 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-00 | ||
| CVE-2022-50582 | — | >= 5.9.0, < 5.10.150 | 5.10.150 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining underflows and does not exit the loop as expected. As delay could be derived from DT | ||
| CVE-2022-50581 | — | >= 2.6.12, < 4.9.337 | 4.9.337 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c: |
- CVE-2023-53710Oct 22, 2025affected >= 6.0.0, < 6.1.16fixed 6.1.16
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read Kernel NULL pointer dereference when ACPI SAR table isn't implemented well. Fix the error code of return to mark the ACPI SAR table as invalid.
- CVE-2023-53709Oct 22, 2025affected >= 5.7.0, < 5.10.173fixed 5.10.173
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity check. That is, RB_FLAG of head_page is been updating, while at same time RB_FLAG
- CVE-2023-53708Oct 22, 2025affected >= 5.11.0, < 5.15.133fixed 5.15.133
In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explic
- CVE-2023-53707Oct 22, 2025affected >= 4.2.0, < 6.1.47fixed 6.1.47
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause unini
- CVE-2023-53706Oct 22, 2025affected >= 5.19.0, < 6.3.5fixed 6.3.5
In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef9 ("mm/sparse-vmemmap: improve memory savings for compound devmaps") added support for using optimized vmmemap for devdax device
- CVE-2023-53705Oct 22, 2025affected >= 2.6.19, < 4.14.316fixed 4.14.316
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri
- CVE-2023-53704Oct 22, 2025affected >= 5.6.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() Replace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc() which can automatically release the related memory when the device
- CVE-2023-53703Oct 22, 2025affected >= 6.0.0, < 6.1.40fixed 6.1.40
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... [ 6.120512] UBS
- CVE-2023-53702Oct 22, 2025affected >= 5.19.0, < 6.1.30fixed 6.1.30
In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for ChaCha20") added a library interface to the s390 specific ChaCha20 imple
- CVE-2023-53700Oct 22, 2025affected >= 5.9.0, < 5.10.173fixed 5.10.173
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register() There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) un
- CVE-2023-53699Oct 22, 2025affected >= 5.3.0, < 5.15.121fixed 5.15.121
In the Linux kernel, the following vulnerability has been resolved: riscv: move memblock_allow_resize() after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through
- CVE-2023-53698Oct 22, 2025affected < 5.15.127fixed 5.15.127
In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xp_alloc_tx_descs() fails, and it can only fail due to no
- CVE-2023-53697Oct 22, 2025affected >= 5.18.0, < 6.1.53fixed 6.1.53
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in function 'register_nvdimm_pmu' and is lost after 'kfree(nd_pmu)' call in function 'u
- CVE-2023-53696Oct 22, 2025affected >= 4.16.0, < 5.15.107fixed 5.15.107
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age
- CVE-2023-53695Oct 22, 2025affected >= 3.18.0, < 4.19.278fixed 4.19.278
In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the f
- CVE-2023-53694Oct 22, 2025affected >= 5.12.0, < 6.1.23fixed 6.1.23
In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a jump that jumps to an address over 4K. This may cause errors if we want to enable
- CVE-2023-53693Oct 22, 2025affected >= 5.7.0, < 5.10.190fixed 5.10.190
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigg
- CVE-2023-53692Oct 22, 2025affected < 4.19.271fixed 4.19.271
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-00
- CVE-2022-50582Oct 22, 2025affected >= 5.9.0, < 5.10.150fixed 5.10.150
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining underflows and does not exit the loop as expected. As delay could be derived from DT
- CVE-2022-50581Oct 22, 2025affected >= 2.6.12, < 4.9.337fixed 4.9.337
In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c:
Page 84 of 88