CVE-2023-53597

In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection. But we do not return the mi...

CVE-2023-53593

In the Linux kernel, the following vulnerability has been resolved: cifs: Release folio lock on fscache read hit. Under the current code, when cifsreadpageworker is called, the call contract is that the callee should unlock the page. This is documented in the readfolio section of...

CVE-2023-53589

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware nchannels If the firmware sends us a corrupted MCC response with nchannels much larger than the command response can be, we might copy far too much uninitialized memory and even crash if t...

CVE-2022-50505

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in pprnotifier As comment of pcigetdomainbusandslot says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling...

CVE-2022-50502

Removed by vendor...

CVE-2022-50501

In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcodairamalloc As the codairamalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others...

CVE-2022-50497

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: fix shift-out-of-bounds in checkspecialflags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: dumpstack lib/dumpstack.c:88 inline...

CVE-2022-50496

In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in destroy...

CVE-2023-53574

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtwcoredeinit', shrink critical section in the latter by freeing...

CVE-2023-53573

In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Fix suspend/resume Disabling the cache in commit 2ff4ba9e3702 "clk: rs9: Fix I2C accessors" without removing cache synchronization in resume path results in a kernel panic as map-cacheops is unset, due to REGCACHENONE...

CVE-2023-53566

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix null deref on element insertion There is no guarantee that rbprev will not return NULL in nftrbtreegcelem: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 1 PREEM...

CVE-2023-53550

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix global sysfs attribute type In commit 3666062b87ec "cpufreq: amd-pstate: move to use busgetdevroot" the "amdpstate" attributes where moved from a dedicated kobject to the cpu root kobject. While the...

CVE-2023-53549

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of time and can result in soft lockup errors. The patch...

CVE-2023-53543

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr pointe...

CVE-2023-53535

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid...

CVE-2023-53533

In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpitsprobe rpifirmwareget take reference, we need to release it in error paths as well. Use devmrpifirmwareget helper to handling the resources. Also remove the existing rpifirmwareput...

CVE-2022-50487

Removed by vendor...

CVE-2022-50484

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, when -ENOMEM hits at th...

CVE-2022-50481

In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in cxlregisterafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-dere...

CVE-2022-50471

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: User process sets up a gntdev mapping composed of two grant...