CVE-2022-50490
Summary: CVE-2022-50490 affects the Linux kernel bpf path in __htab_map_lookup_and_delete_batch, where a failed htab_lock_bucket() returning -EBUSY could cause silent bucket-skips, out-of-bounds memory access, or kernel memory exposure to userspace. Root cause: error from htab_lock_bucket() not p...
CVE-2022-50466
CVE-2022-50466 affects the Linux kernel, specifically the fs/binfmt_elf path in the load_elf_binary() function. The issue is a memory leak reported by kmemleak involving an unreferenced file object that can persist if memory allocation for the interpreter fails. The documented remediation in the ...
CVE-2022-50509
CVE-2022-50509 is a Linux kernel vulnerability in media: coda where kmalloc return value is not checked, risking NULL pointer dereference. The issue was fixed by adding a return-value check to kmalloc usage to prevent dereferencing a NULL pointer. Affected component: Linux kernel (media: coda) wi...
CVE-2023-53168
In the Linux kernel, CVE-2023-53168 affects the usb: ucsi_acpi timeout handling. The root cause was an increased command completion timeout (5s -> 60s) during alternate mode discovery, which was later reduced to 1s after switching to polled mode, causing issues on Lenovo ThinkPad X1 Yoga gen7 ...
CVE-2023-53175
CVE-2023-53175 — Linux kernel hv_pci_restore_msi_msg() panic during hibernation (Hyper-V guest). Affected component: Linux kernel PCI Hyper-V integration. Root cause: when a VM with an assigned PCI device hibernates and MSI-X/MSI is not yet enabled, hv_pci_restore_msi_msg() panics because pdev->...
CVE-2023-53176
CVE-2023-53176 affects the Linux kernel serial subsystem (8250) where unbinding a port-specific 8250 driver leaves port->pm in use; serial8250_pm() then calls the now-gone driver, causing a hang/oops roughly 10 seconds later. The fix implements serial8250_set_defaults() in serial8250_unregiste...
CVE-2023-53200
CVE-2023-53200 (Linux kernel): The vulnerability is in netfilter: x_tables where a percpu counter block allocated for a new netns is leaked if xt_register_table() fails during table creation. The stack path shows allocation via __alloc_percpu → xt_percpu_counter_alloc → translate_table, then fai...
CVE-2023-53217
Summary (CVE-2023-53217): Linux kernel vulnerability affecting the nubus subsystem where reading files under /proc/bus/nubus could segfault. The issue stems from a regression introduced during the conversion of proc_create_single_data() usage, making single_open() calls with nubus_proc_rsrc_show(...
CVE-2023-53229
CVE-2023-53229: In the Linux kernel, the wifi/mac80211 path was fixed to address invalid drv_sta_pre_rcu_remove calls for non-uploaded stations, which could cause data corruption due to uninitialized driver private data structures. Affected component: Linux kernel wireless stack (mac80211). Root...
CVE-2023-53237
Summary: CVE-2023-53237 relates to the AMDGPU driver in the Linux kernel, where an improper call to amdgpu_irq_put during gmc_v11_0_hw_fini led to an unnecessary call trace. The root cause is that gmc.ecc_irq is enabled by firmware via IFWI, and the host driver isn’t privileged to enable/disable ...
CVE-2023-53242
Summary of CVE-2023-53242: In the Linux kernel, the hi3660 thermal sensor path (thermal/drivers/hisi) could panic due to a misbehaving allocation in hi3660_thermal_probe. The root cause: memory was allocated for one sensors[] entry, but the driver attempted to fill a second entry, triggering a BRK hand...
CVE-2023-53257
CVE-2023-53257 is a Linux kernel vulnerability in wifi/mac80211: check S1G action frame size. The fix ensures the action frame exists before inspecting its code, addressing a potential improper memory handling in the frame processing path. The CVSS v3.1 base score is 7.8 (HIGH), with LOCAL attack...
CVE-2023-53259
CVE-2023-53259 (Linux kernel) is a local vulnerability in VMCI where vmci_host_setup_notify() may dereference a NULL context->notify_page after get_user_pages_fast(), causing a general protection fault. The fix, as documented in the advisory, is to validate context->notify_page and return a...
CVE-2023-53263
CVE-2023-53263: In the Linux kernel, the drm/nouveau/disp path fixes a use-after-free in error handling of nouveau_connector_create. The bug arises because freeing the connector could happen before cleaning up the DRM side, potentially causing memory corruption when an error path is taken after ...
CVE-2023-53277
CVE-2023-53277 is a Linux kernel vulnerability in the wifi iwl3945 driver. The issue arises from missing validation of the return value of create_singlethread_workqueue, which can lead to a NULL pointer dereference. Public advisories (Unity Linux UTSA-2025-992797/992386/992212; SUSE-SU-2025:03615...
CVE-2023-53298
CVE-2023-53298 – Linux kernel: The issue is a memory leak in the NFC subsystem. The se_io callback context allocated inside nfc_genl_se_io is not always freed on several error paths, risking a leak. The patch adds explicit cb_context freeing on those error paths. No exploit details are provided ...
CVE-2023-53301
CVE-2023-53301 affects the Linux kernel f2fs subsystem. The root cause is a NULL pointer dereference when io->bio is NULL inside __submit_merged_write_cond, which can cause a kernel panic during f2fs_checkpoint/write paths. A fix was implemented to return when io->bio is NULL before proceed...
CVE-2023-53302
CVE-2023-53302 affects the Linux kernel wifi iwl4965 driver. The vulnerability stems from a missing check of the return value of create_singlethread_workqueue(), which can lead to a NULL pointer dereference. The provided connected documents confirm the fix was applied in the kernel to add the nec...
CVE-2023-53320
CVE-2023-53320 (Linux kernel) relates to scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info(). The patch fixes four issues in mpi3mr_get_all_tgt_info(): (1) valid entry length now uses the correct header size (sizeof(u64) instead of sizeof(u32)); (2) kern_entrylen no longer subtracts one from nu...
CVE-2023-53321
CVE-2023-53321 affects the Linux kernel wireless stack, specifically wifi: mac80211_hwsim. The issue arises when short frames are processed in ways that could forward incomplete 3-address headers, risking access to invalid memory if shorter frames slip through (even though some control frames lik...
CVE-2023-53333
CVE-2023-53333 affects the Linux kernel netfilter/conntrack for DCCP. The root cause is that nf_conntrack_dccp_packet() copies the full DCCP header into a stack buffer (via skb_header_pointer) rather than only the basic header, allowing a read past the allocated buffer (OOB read). The vulnerabili...
CVE-2023-53341
CVE-2023-53341 refers to a Linux kernel memory initialization fix: the function early_init_dt_scan_memory now returns 1 when memory is found and 0 if none, allowing other memory setup paths to run. This changes the control flow after the ramips plat_mem_setup call, addressing scenarios where memo...
CVE-2023-53347
CVE-2023-53347 (Linux kernel, net/mlx5e offloads): The issue arises from incorrect ordering between E-switch unpairing and uplink vport unload when switching modes or removing devices, causing a use-after-free during peer-flow cleanup and a kernel oops. The fix is to handle pairing of the E-switc...
CVE-2023-53348
The CVE-2023-53348 issue affects the Linux kernel's Btrfs relocation workflow. Specifically, when relocating a block group, the scrub operation is paused during relocation and may deadlock if a transactional commit enters the critical section with a paused scrub. The vulnerability is resolved by ...
CVE-2023-53364
Technical details about CVE-2023-53364 are not publicly available in the provided documents; no affected products, impact, or fixes are specified here. Monitor for updates.
CVE-2023-53367
CVE-2023-53367 concerns a memory leak in the Linux kernel’s accel/habanalabs code path (mem mappings in user_mappings) that could occur when clearing user_mappings during rapid context reuse. The connected OSV entries indicate Rootio‑Linux patches fixing this CVE across Root:Ubuntu:22.04 and Root...
CVE-2023-53381
The CVE relates to the Linux kernel vulnerability CVE-2023-53381 where the reference count for nfsd4_ssc_umount_item was not decremented on error paths, preventing unmounting of the source file’s vfsmount (the “laundromat” issue referenced in the advisory). The fix explicitly decrements the refer...
CVE-2023-53392
In the Linux kernel, CVE-2023-53392 describes a fix for a kernel panic in the intel-ish-hid/ISHTP path during warm resets. If a bus driver is registered after device->fw_client is set to NULL and before new firmware clients are enumerated, ishtp_cl_bus_match() dereferences device->fw_client...
CVE-2023-53394
Technical details (affected product/versions, root cause, exploitability, or patch specifics) are not provided in the connected documents. Please monitor for updates from the listed sources.
CVE-2023-53408
CVE-2023-53408 affects the Linux kernel’s trace/blktrace path. The issue is a memory leak when using debugfs_lookup(); the returned object must be dput()’d, otherwise memory leaks accumulate. The documented fix simplifies handling by replacing the call with debugfs_lookup_and_remove(), which perf...
CVE-2023-53412
The CVE-2023-53412 issue affects the Linux kernel USB gadget bcm63xx_udc where memory leaks occur when using debugfs_lookup() because the result is not dput()’d. The mitigated pattern is to call debugfs_lookup_and_remove() which handles the lookup and cleanup in one step, preventing leaks. Eviden...
CVE-2023-53414
The CVE-2023-53414 entry affects the Linux kernel scsi: snic driver. The root cause is a memory leak when using debugfs_lookup() because the returned object required a dput(), which could leak over time. The advisory notes a fix by using debugfs_lookup_and_remove() instead, which handles the look...
CVE-2023-53426
Technical details for CVE-2023-53426 are not provided in the connected documents. No affected product/version or remediation details are disclosed here. Monitor official advisories from vendors/sources for updates.
CVE-2023-53427
CVE-2023-53427 is a Linux kernel CIFS issue described in Unity Linux advisories. The vulnerability stems from not initializing MR recovery work when MR allocation fails, which can lead to a warning and use-after-free when releasing MRs. The advisory states the fix is to initialize the MR recovery...
CVE-2023-53437
CVE-2023-53437 affects the Linux kernel media: uvcvideo driver. The vulnerability arises when handling cameras with invalid descriptors, potentially enabling local attacker access due to improper link handling when a source entity has no pads. Public docs (OpenVAS/Nessus summaries) list updates t...
CVE-2023-53474
CVE-2023-53474 affects the Linux kernel’s AMD/Intel x86 Machine Check Architecture (MCA) handling. Root cause: bank_map was an unsigned int, causing shift-out-of-bounds when bank indices reached 32, triggering UBSAN. Resolution: changed bank_map to a 64-bit type and used BIT_ULL() for bit operati...
CVE-2023-53488
CVE-2023-53488 (Linux kernel): The vulnerability affects the IB/hfi1 InfiniBand driver. During hotplug removal, a pending update-counters work could run after memory is freed, causing a possible kernel panic. The fix cancels the update-counters work before freeing memory. Evidence in the securit...
CVE-2023-53489
CVE-2023-53489 affects the Linux kernel memory handling for UDP sockets with TX timestamps and zerocopy skbs. The issue is a memory leak: clones of skbs and their ubuf references can keep a socket refcnt and skb references in the error/clock path, causing leaked sk, sock and skb when close() is c...
CVE-2023-53491
CVE-2023-53491 affects the Linux kernel: start_kernel now uses the __no_stack_protector attribute to control per-function stack-protector omission. The issue arises because boot_init_stack_canary must be compiled with stack protector unless -fno-stack-protector is used; otherwise the canary in th...
CVE-2023-53499
In CVE-2023-53499, the Linux kernel virtio_net component fixes an error unwind in XDP initialization during virtnet_open(). If an XDP init step fails, previously initialized rqs and enabled NAPI could leak; the patch rolls back earlier rq initialization to prevent leaks in the error unwinding pat...
CVE-2023-53516
The CVE-2023-53516 entry corresponds to a Linux kernel macvlan netlink policy issue. A new attribute IFLA_MACVLAN_BC_CUTOFF was added, but the nla_policy in macvlan_policy (drivers/net/macvlan.c) was not described, allowing a 4-byte integer (NLA_S32) to be faked as empty and potentially cause an ...
CVE-2023-53541
In CVE-2023-53541, the Linux kernel mtd: rawnand: brcmnand module had a potential out-of-bounds read during oob writes when the oob buffer length isn’t a multiple of word size. The fix adds a length check on the oob buffer read and fills the remainder with 0xff when the end of the buffer is reach...
CVE-2023-53578
Linux kernel CVE-2023-53578 affects the qrtr path, where an uninit access occurs in qrtr_tx_resume() due to skb->len potentially being smaller than sizeof(struct qrtr_ctrl_pkt) when QRTR_TYPE_RESUME_TX is processed. The vulnerability arises in qrtr_endpoint_post() during syzbot scenarios, trig...
CVE-2023-53634
CVE-2023-53634 (bpf, arm64 BTI): Technical details across multiple feeds show a Linux kernel BTI-related flaw in BPF trampoline handling. When BPF_TRAMP_F_CALL_ORIG is set, trampolines jump back to the patched function via BLR. In BTI-enabled kernels, the instruction after the call site is typic...
CVE-2023-53658
CVE-2023-53658 affects the Linux kernel BCM-QSPI SPI driver (spi/bcm-qspi). If neither hif_mspi nor mspi resources exist, probe may succeed while doing nothing, then removal dereferences a NULL drvdata pointer. The fix unconditionally calls devm_ioremap_resource(), which handles NULL resources an...
CVE-2024-58241
CVE-2024-58241 is a Linux kernel vulnerability affecting the Bluetooth stack. The issue arises in Bluetooth: hci_core where, on hci_unregister_dev, submissions using disable_work_* are not disablable because the associated hci_dev is about to be freed. The provided connected documents confirm the...
CVE-2025-38647
CVE-2025-38647 affects the Linux kernel wifi/rtw89 driver. The issue is a dropped lockdep assertion in rtw89_set_sar_from_acpi during driver startup, which could trigger under early init and is resolved by the kernel fix. The vulnerability details, call trace, and affected chain are documented in...
CVE-2025-38689
CVE-2025-38689 affects the Linux kernel’s x86 FPU code. When CONFIG_X86_DEBUG_FPU is enabled, AVX-512 timestamp handling calls x86_task_fpu() without a NULL check, returning NULL for kernel threads (PF_KTHREAD) and triggering a NULL pointer dereference when reading /proc/[kthread]/arch_status. Th...
CVE-2025-39733
CVE-2025-39733 affects the Linux kernel where the issue centers on protecting the team network device. The root cause is ordering issues with lower instance locks and the team lock; the fix switches to using the rtnl lock (as done for bonding) to guard the team device, based on a patch by Tetsuo ...
CVE-2025-39771
The CVE-2025-39771 entry concerns the Linux kernel regulator driver pca9450. The issue arises in the pca9450_restart handling during module probe, where a notifier callback is already registered, leading to a kernel dump if not managed. The documented remediation is to use devm_register_sys_off_h...