BELL-CVE-2023-53461

Bulletin has no description...

BELL-CVE-2023-53480

Bulletin has no description...

BELL-CVE-2023-53456

Bulletin has no description...

BELL-CVE-2023-53457

Bulletin has no description...

BELL-CVE-2023-53458

Bulletin has no description...

MINI-J7JX-GQR8-93QM

Bulletin has no description...

DEBIAN-CVE-2025-59681

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

DEBIAN-CVE-2023-53529

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix memory leak in rtw88usb Kmemleak shows the following leak arising from routine in the usb probe routine: unreferenced object 0xffff895cb29bba00 size 512: comm "udev-worker", pid 534, jiffies 4294903932 age...

DEBIAN-CVE-2023-53526

In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh-btransaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2journalcommittransaction jbd2journalinsertcheckpointjh, committransaction // Put jh into trans1-tcheckpointli...

DEBIAN-CVE-2023-53528

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If createqp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a seg fault. This patch...

DEBIAN-CVE-2023-53531

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix poll request timeout handling When doing iouring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. 1 BUG: kernel NULL pointer dereference, address:...

DEBIAN-CVE-2023-53521

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in sesintfremove A fix for: BUG: KASAN: slab-out-of-bounds in sesintfremove+0x23f/0x270 ses Read of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013 When edev-components is zero, accessing...

DEBIAN-CVE-2023-53524

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: Fix integer overflow in iwlwritetouserbuf An integer overflow occurs in the iwlwritetouserbuf function, which is called by the iwldbgfsmonitordataread function. static bool iwlwritetouserbufchar user userbuf,...

DEBIAN-CVE-2023-53515

In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vmdev struct with devres totally breaks this...

DEBIAN-CVE-2023-53508

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublkctrlstartdev, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDSTARTDEV, otherwise kernel...

DEBIAN-CVE-2023-53507

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister devlink params in case interface is down Currently, in case an interface is down, mlx5 driver doesn't unregister its devlink params, which leads to this WARN1. Fix it by unregistering devlink params in that...

DEBIAN-CVE-2023-53509

In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qedmcptracedump By default, qedmcpcmdandunion delays 10us at a time in a loop that can run 500K times, so calls to qedmcpnvmrdcmd may block the current thread for over 5s. We observed thread scheduling delays...

DEBIAN-CVE-2023-53503

In the Linux kernel, the following vulnerability has been resolved: ext4: allow ext4getgroupinfo to fail Previously, ext4getgroupinfo would treat an invalid group number as BUG, since in theory it should never happen. However, if a malicious attaker or fuzzer modifies the superblock via the block...

DEBIAN-CVE-2023-53490

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b "mptcp: fix possible divide by zero in recvmsg", the mptcp protocol is still prone to a race between disconnect or shutdown and accept. The root cause is that the...

DEBIAN-CVE-2023-53492

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...