Skip to main content

Linux

12819 CVEs vendor

Monthly

CVE-2022-50515 MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's AMD GPU (amdgpu) driver within the hpd_rx_irq_create_workqueue() function, where allocated memory for work queue structures fails to be properly freed if workqueue construction fails partway through initialization. This affects all Linux kernel versions with the vulnerable amdgpu driver code and requires local access with low privileges to trigger. An attacker can repeatedly trigger this condition to exhaust kernel memory and cause a denial of service, though the EPSS score of 0.01% indicates this is rarely exploited in practice. Patches are available from the Linux kernel stable branches.

Linux Memory Corruption Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50514 MEDIUM PATCH This Month

A reference count leak exists in the Linux kernel's USB HID gadget driver (f_hid module) where the opts->refcnt is incremented but not properly decremented when report_desc allocation fails, leaving the options structure permanently locked and causing a denial of service condition. This affects all Linux kernel versions running the vulnerable USB gadget code path and requires local privilege to trigger. While the CVSS score is 5.5 (medium) and EPSS is extremely low at 0.01th percentile, patches are available from multiple stable kernel branches, indicating this is a real but low-priority issue with no known active exploitation.

Linux Denial Of Service Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50513 MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's rtl8723bs WiFi driver initialization function rtw_init_cmd_priv(), where failure to allocate the response command buffer leaves the command buffer allocation unreleased. This affects all Linux kernel versions containing the vulnerable staging driver code and can be exploited by local attackers with low privileges to cause a denial of service through memory exhaustion. The vulnerability has a vendor-provided patch available across multiple stable kernel branches, and the EPSS score of 0.01% indicates minimal real-world exploitation probability despite the moderate CVSS 5.5 rating.

Linux Memory Corruption Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50512 MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's ext4 fast commit (fc) implementation within the ext4_fc_record_regions() function. The vulnerability occurs when krealloc() fails and returns NULL, causing the function to improperly handle the state->fc_regions pointer, leaving allocated memory unreferenced and unable to be freed. This affects all Linux kernel versions with the vulnerable code path, allowing local attackers with unprivileged user access to exhaust kernel memory and trigger denial of service conditions. While the EPSS score of 0.01% indicates low real-world exploitation probability and no active exploitation is tracked in KEV data, the availability impact is high (CVSS score 5.5), and patches have been made available across multiple stable kernel branches.

Linux Memory Corruption Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50511 MEDIUM PATCH This Month

This vulnerability is an undefined behavior issue in the Linux kernel's font handling code where a signed 32-bit left shift by 31 bits violates C language semantics, detected by UBSAN (Undefined Behavior Sanitizer). The vulnerability affects multiple Linux kernel versions starting from 2.6.23 and can be triggered by local users with low privileges during framebuffer console initialization, leading to denial of service through undefined behavior exploitation. While the EPSS score is extremely low at 0.01% (percentile 3%), patches are available from the kernel vendor and the issue has been resolved in stable releases.

Linux Integer Overflow Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50510 MEDIUM PATCH This Month

A resource cleanup vulnerability exists in the Linux kernel's ARM SMMUv3 Performance Monitoring Unit (PMU) initialization code where a CPU hotplug callback registered via cpuhp_setup_state_multi() is not properly removed if platform_driver_register() fails, leading to a use-after-free condition. This affects Linux kernel versions across multiple stable branches and can be exploited by local attackers with limited privileges to trigger a denial of service through kernel panic or memory corruption. The vulnerability has a patch available from multiple kernel branches, with an EPSS score of 0.01% indicating low real-world exploitation probability despite the moderate CVSS 5.5 score.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2022-50509 MEDIUM PATCH This Month

A null pointer dereference vulnerability exists in the Linux kernel's Coda media driver due to missing validation of kmalloc return values. An unprivileged local attacker can trigger a denial of service condition by causing the kernel to dereference a null pointer, resulting in a system crash or hang. The vulnerability affects multiple Linux kernel versions across stable branches, though exploitation likelihood is low (EPSS 0.01%) and patches are readily available from vendors.

Linux Null Pointer Dereference Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53616 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline] BUG: KASAN:...

Information Disclosure Linux Google Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53615 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption.

Denial Of Service Race Condition Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53614 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode.

Race Condition Information Disclosure Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53613 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject:...

Denial Of Service Linux Memory Corruption Use After Free Linux Kernel +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53612 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional.

Denial Of Service Null Pointer Dereference Linux Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53611 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid...

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53610 MEDIUM PATCH This Month

CVE-2023-53610 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53609 MEDIUM POC PATCH This Month

CVE-2023-53609 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53608 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() The finalization of nilfs_segctor_thread() can race with nilfs_segctor_kill_thread() which terminates...

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53607 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() did not account for, resulting in the...

Authentication Bypass Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53606 MEDIUM PATCH This Month

CVE-2023-53606 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53605 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function.

Information Disclosure Linux Amd Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53604 HIGH PATCH This Week

CVE-2023-53604 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53603 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced.

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53602 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53601 MEDIUM POC PATCH This Month

CVE-2023-53601 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure Linux Google Red Hat Suse +1
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53600 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in...

Buffer Overflow Information Disclosure Linux Red Hat Suse +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-53599 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390 Fix af_alg_alloc_areq() to initialise areq->first_rsgl.sgl.sgt.sgl to point to the scatterlist array in...

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53598 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address...

Denial Of Service Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53597 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT),...

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53596 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed.

Information Disclosure Linux
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53595 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: mcs: Fix NULL pointer dereferences When system is rebooted after creating macsec interface below NULL pointer dereference crashes occurred.

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53594 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53593 MEDIUM PATCH This Month

CVE-2023-53593 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53592 MEDIUM PATCH This Month

CVE-2023-53592 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53591 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlock in tc route query code Cited commit causes ABBA deadlock[0] when peer flows are created while holding the devcom rw semaphore.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53590 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop With this refcnt added in sctp_stream_priorities, we don't need to traverse all streams to check if the prio is...

Buffer Overflow Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53589 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy...

Denial Of Service Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53588 MEDIUM PATCH This Month

CVE-2023-53588 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53587 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible

Denial Of Service Linux Memory Corruption Use After Free Red Hat +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53586 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN_RESET handling This fixes a bug where an initiator thinks a LUN_RESET has cleaned up running commands when it hasn't.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53585 MEDIUM PATCH This Month

CVE-2023-53585 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53584 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_releasepage: Remove ubifs_assert(0) to valid this process There are two states for ubifs writing pages: 1.

Denial Of Service Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53583 MEDIUM PATCH This Month

CVE-2023-53583 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Buffer Overflow Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53582 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated...

Buffer Overflow Denial Of Service Null Pointer Dereference Linux Red Hat +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53581 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock.

Denial Of Service Race Condition Linux Canonical Red Hat +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-53580 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: core: Help prevent panic during UVC unconfigure Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget's...

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53579 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53578 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as following: ===================================================== BUG: KMSAN:...

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53577 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ...

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53576 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf() and return error for NULL_Q_RQ as we don't allow legacy...

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53575 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add().

Buffer Overflow Information Disclosure Linux Red Hat Suse +1
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2023-53574 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in...

Denial Of Service Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53573 MEDIUM PATCH This Month

CVE-2023-53573 is a security vulnerability (CVSS 5.5) that allows flat cache again. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53572 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entry_safe().

Denial Of Service Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53571 MEDIUM PATCH This Month

CVE-2023-53571 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53570 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() nl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the number of MBSSID elements in the nested...

Buffer Overflow Linux Integer Overflow Red Hat Suse +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53569 HIGH PATCH This Week

CVE-2023-53569 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Buffer Overflow Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53568 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53567 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53566 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault,...

Denial Of Service Null Pointer Dereference Linux Canonical Red Hat +2
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53565 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check for probe() id argument being NULL The probe() id argument may be NULL in 2 scenarios: 1. brcmf_pcie_pm_leave_D3() calling brcmf_pcie_probe() to reprobe ...

Denial Of Service Null Pointer Dereference Linux Dell Red Hat +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53564 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di ...

Denial Of Service Linux Oracle Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53563 MEDIUM PATCH This Month

CVE-2023-53563 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Amd Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53562 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix vram leak on bind errors Make sure to release the VRAM buffer also in a case a subcomponent fails to bind.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53561 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device ends up in NULL pointer dereference.

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53560 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields.

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53559 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing.

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53558 MEDIUM PATCH This Month

CVE-2023-53558 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53557 MEDIUM PATCH This Month

CVE-2023-53557 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Canonical Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53556 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and...

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53555 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damo_filter->list from damos_new_filter() damos_new_filter() is not initializing the list field of newly allocated filter object.

Denial Of Service Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53554 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user.

Buffer Overflow Linux Memory Corruption Red Hat Suse +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53553 MEDIUM PATCH This Month

CVE-2023-53553 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Buffer Overflow Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53552 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915_requests may be trapped by userspace inside a sync_file or dmabuf (dma-resv) and held...

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53551 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport.

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53550 MEDIUM PATCH This Month

CVE-2023-53550 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Amd
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53549 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of...

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53548 MEDIUM PATCH This Month

CVE-2023-53548 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Google Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53547 MEDIUM PATCH This Month

CVE-2023-53547 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Canonical Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53546 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will...

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53545 MEDIUM PATCH This Month

CVE-2023-53545 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Amd
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53544 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver().

Denial Of Service Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53543 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg.

Buffer Overflow Linux Memory Corruption
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53542 MEDIUM PATCH This Month

CVE-2023-53542 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Samsung Information Disclosure Linux Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53541 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on...

Buffer Overflow Linux Memory Corruption Red Hat Suse +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53540 MEDIUM PATCH This Month

CVE-2023-53540 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53539 MEDIUM PATCH This Month

CVE-2023-53539 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53538 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following...

Denial Of Service Null Pointer Dereference Linux Red Hat Suse +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53537 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free for cached IPU bio xfstest generic/019 reports a bug: kernel BUG at mm/filemap.c:1619!

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53536 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blk_crypto_evict_key() more robust If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or that ->keyslot_evict failed, it currently just...

Information Disclosure Linux Memory Corruption Use After Free Red Hat +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2023-53535 MEDIUM PATCH This Month

CVE-2023-53535 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat Suse Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2023-53534 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.

Denial Of Service Null Pointer Dereference Linux Mediatek Red Hat +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's AMD GPU (amdgpu) driver within the hpd_rx_irq_create_workqueue() function, where allocated memory for work queue structures fails to be properly freed if workqueue construction fails partway through initialization. This affects all Linux kernel versions with the vulnerable amdgpu driver code and requires local access with low privileges to trigger. An attacker can repeatedly trigger this condition to exhaust kernel memory and cause a denial of service, though the EPSS score of 0.01% indicates this is rarely exploited in practice. Patches are available from the Linux kernel stable branches.

Linux Memory Corruption Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A reference count leak exists in the Linux kernel's USB HID gadget driver (f_hid module) where the opts->refcnt is incremented but not properly decremented when report_desc allocation fails, leaving the options structure permanently locked and causing a denial of service condition. This affects all Linux kernel versions running the vulnerable USB gadget code path and requires local privilege to trigger. While the CVSS score is 5.5 (medium) and EPSS is extremely low at 0.01th percentile, patches are available from multiple stable kernel branches, indicating this is a real but low-priority issue with no known active exploitation.

Linux Denial Of Service Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's rtl8723bs WiFi driver initialization function rtw_init_cmd_priv(), where failure to allocate the response command buffer leaves the command buffer allocation unreleased. This affects all Linux kernel versions containing the vulnerable staging driver code and can be exploited by local attackers with low privileges to cause a denial of service through memory exhaustion. The vulnerability has a vendor-provided patch available across multiple stable kernel branches, and the EPSS score of 0.01% indicates minimal real-world exploitation probability despite the moderate CVSS 5.5 rating.

Linux Memory Corruption Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak vulnerability exists in the Linux kernel's ext4 fast commit (fc) implementation within the ext4_fc_record_regions() function. The vulnerability occurs when krealloc() fails and returns NULL, causing the function to improperly handle the state->fc_regions pointer, leaving allocated memory unreferenced and unable to be freed. This affects all Linux kernel versions with the vulnerable code path, allowing local attackers with unprivileged user access to exhaust kernel memory and trigger denial of service conditions. While the EPSS score of 0.01% indicates low real-world exploitation probability and no active exploitation is tracked in KEV data, the availability impact is high (CVSS score 5.5), and patches have been made available across multiple stable kernel branches.

Linux Memory Corruption Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

This vulnerability is an undefined behavior issue in the Linux kernel's font handling code where a signed 32-bit left shift by 31 bits violates C language semantics, detected by UBSAN (Undefined Behavior Sanitizer). The vulnerability affects multiple Linux kernel versions starting from 2.6.23 and can be triggered by local users with low privileges during framebuffer console initialization, leading to denial of service through undefined behavior exploitation. While the EPSS score is extremely low at 0.01% (percentile 3%), patches are available from the kernel vendor and the issue has been resolved in stable releases.

Linux Integer Overflow Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A resource cleanup vulnerability exists in the Linux kernel's ARM SMMUv3 Performance Monitoring Unit (PMU) initialization code where a CPU hotplug callback registered via cpuhp_setup_state_multi() is not properly removed if platform_driver_register() fails, leading to a use-after-free condition. This affects Linux kernel versions across multiple stable branches and can be exploited by local attackers with limited privileges to trigger a denial of service through kernel panic or memory corruption. The vulnerability has a patch available from multiple kernel branches, with an EPSS score of 0.01% indicating low real-world exploitation probability despite the moderate CVSS 5.5 score.

Linux Denial Of Service Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A null pointer dereference vulnerability exists in the Linux kernel's Coda media driver due to missing validation of kmalloc return values. An unprivileged local attacker can trigger a denial of service condition by causing the kernel to dereference a null pointer, resulting in a system crash or hang. The vulnerability affects multiple Linux kernel versions across stable branches, though exploitation likelihood is low (EPSS 0.01%) and patches are readily available from vendors.

Linux Null Pointer Dereference Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline] BUG: KASAN:...

Information Disclosure Linux Google +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption.

Denial Of Service Race Condition Linux +3
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode.

Race Condition Information Disclosure Linux +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject:...

Denial Of Service Linux Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional.

Denial Of Service Null Pointer Dereference Linux +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid...

Information Disclosure Linux Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53610 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

CVE-2023-53609 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure Linux Linux Kernel +2
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() The finalization of nilfs_segctor_thread() can race with nilfs_segctor_kill_thread() which terminates...

Information Disclosure Linux Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() did not account for, resulting in the...

Authentication Bypass Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53606 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function.

Information Disclosure Linux Amd +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

CVE-2023-53604 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced.

Denial Of Service Null Pointer Dereference Linux +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

CVE-2023-53601 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure Linux Google +3
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in...

Buffer Overflow Information Disclosure Linux +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390 Fix af_alg_alloc_areq() to initialise areq->first_rsgl.sgl.sgt.sgl to point to the scatterlist array in...

Denial Of Service Null Pointer Dereference Linux +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address...

Denial Of Service Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT),...

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed.

Information Disclosure Linux
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: mcs: Fix NULL pointer dereferences When system is rebooted after creating macsec interface below NULL pointer dereference crashes occurred.

Denial Of Service Null Pointer Dereference Linux +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53593 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53592 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlock in tc route query code Cited commit causes ABBA deadlock[0] when peer flows are created while holding the devcom rw semaphore.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop With this refcnt added in sctp_stream_priorities, we don't need to traverse all streams to check if the prio is...

Buffer Overflow Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy...

Denial Of Service Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53588 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible

Denial Of Service Linux Memory Corruption +4
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN_RESET handling This fixes a bug where an initiator thinks a LUN_RESET has cleaned up running commands when it hasn't.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53585 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_releasepage: Remove ubifs_assert(0) to valid this process There are two states for ubifs writing pages: 1.

Denial Of Service Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53583 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Buffer Overflow Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated...

Buffer Overflow Denial Of Service Null Pointer Dereference +4
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock.

Denial Of Service Race Condition Linux +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: core: Help prevent panic during UVC unconfigure Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget's...

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as following: ===================================================== BUG: KMSAN:...

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ...

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf() and return error for NULL_Q_RQ as we don't allow legacy...

Denial Of Service Null Pointer Dereference Linux +3
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add().

Buffer Overflow Information Disclosure Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in...

Denial Of Service Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53573 is a security vulnerability (CVSS 5.5) that allows flat cache again. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entry_safe().

Denial Of Service Linux Memory Corruption +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53571 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() nl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the number of MBSSID elements in the nested...

Buffer Overflow Linux Integer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

CVE-2023-53569 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.

Buffer Overflow Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault,...

Denial Of Service Null Pointer Dereference Linux +4
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check for probe() id argument being NULL The probe() id argument may be NULL in 2 scenarios: 1. brcmf_pcie_pm_leave_D3() calling brcmf_pcie_probe() to reprobe ...

Denial Of Service Null Pointer Dereference Linux +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di ...

Denial Of Service Linux Oracle +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53563 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Amd +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix vram leak on bind errors Make sure to release the VRAM buffer also in a case a subcomponent fails to bind.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device ends up in NULL pointer dereference.

Denial Of Service Null Pointer Dereference Linux +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields.

Information Disclosure Linux Memory Corruption +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing.

Information Disclosure Linux Memory Corruption +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53558 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53557 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Canonical +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and...

Information Disclosure Linux Memory Corruption +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damo_filter->list from damos_new_filter() damos_new_filter() is not initializing the list field of newly allocated filter object.

Denial Of Service Linux Red Hat +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user.

Buffer Overflow Linux Memory Corruption +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53553 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Buffer Overflow Linux Red Hat +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915_requests may be trapped by userspace inside a sync_file or dmabuf (dma-resv) and held...

Information Disclosure Linux Memory Corruption +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport.

Denial Of Service Null Pointer Dereference Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53550 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Amd
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of...

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53548 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Google +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53547 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Canonical +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will...

Information Disclosure Linux Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53545 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Amd
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver().

Denial Of Service Linux Memory Corruption +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg.

Buffer Overflow Linux Memory Corruption
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53542 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Samsung Information Disclosure Linux +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on...

Buffer Overflow Linux Memory Corruption +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53540 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53539 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following...

Denial Of Service Null Pointer Dereference Linux +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free for cached IPU bio xfstest generic/019 reports a bug: kernel BUG at mm/filemap.c:1619!

Information Disclosure Linux Memory Corruption +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blk_crypto_evict_key() more robust If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or that ->keyslot_evict failed, it currently just...

Information Disclosure Linux Memory Corruption +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2023-53535 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Linux Red Hat +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.

Denial Of Service Null Pointer Dereference Linux +4
NVD
Prev Page 36 of 143 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy