RHSA-2023:7077HighCVSS 7.8

Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Published
November 14, 2023
Last Modified
June 17, 2026

🔗 CVE IDs covered (321)

CVE-2022-50829CVE-2022-50847CVE-2022-50617CVE-2022-50784CVE-2023-53320CVE-2023-53755CVE-2023-54294CVE-2023-54308CVE-2022-50532CVE-2023-53296CVE-2022-50464CVE-2022-50626CVE-2023-53400CVE-2022-50842CVE-2022-50844CVE-2023-1252CVE-2023-3611CVE-2023-53437CVE-2023-53639CVE-2022-49675CVE-2022-50279CVE-2023-4155CVE-2023-53710CVE-2023-54202CVE-2023-52937CVE-2023-53197CVE-2023-53229CVE-2023-54286CVE-2022-50246CVE-2023-2513CVE-2023-53056CVE-2023-53188CVE-2022-49180CVE-2023-53036CVE-2023-53185CVE-2023-53213CVE-2023-53524CVE-2022-50628CVE-2023-3609CVE-2023-53372CVE-2024-57876CVE-2022-49028CVE-2022-50354CVE-2023-52981CVE-2023-53050CVE-2023-53112CVE-2023-53430CVE-2023-54234CVE-2022-50003CVE-2022-50816CVE-2023-1989CVE-2023-53376CVE-2023-53605CVE-2023-53780CVE-2023-54317CVE-2022-40133CVE-2022-50390CVE-2022-50440CVE-2023-53254CVE-2023-53765CVE-2023-54011CVE-2023-54098CVE-2023-54275CVE-2022-50148CVE-2022-49944CVE-2022-50556CVE-2022-50740CVE-2023-1075CVE-2023-53132CVE-2023-53624CVE-2022-49773CVE-2022-50066CVE-2023-3772CVE-2023-53090CVE-2023-53582CVE-2023-53607CVE-2023-53110CVE-2022-4744CVE-2023-3161CVE-2023-4206CVE-2023-54265CVE-2022-38457CVE-2022-49752CVE-2022-50247CVE-2022-50287CVE-2023-1206CVE-2023-31084CVE-2023-53042CVE-2023-53793CVE-2022-49995CVE-2022-50389CVE-2022-50489CVE-2023-1998CVE-2023-35824CVE-2023-53108CVE-2023-53625CVE-2022-50406CVE-2022-50562CVE-2023-0597CVE-2022-3640CVE-2022-49903CVE-2022-50369CVE-2023-4732CVE-2023-54191CVE-2022-50535CVE-2023-1855CVE-2023-53071CVE-2023-54123CVE-2023-54325CVE-2022-50677CVE-2022-49827CVE-2022-49401CVE-2023-30456CVE-2022-50520CVE-2022-50700CVE-2022-50717CVE-2023-1079CVE-2023-35823CVE-2023-52997CVE-2023-53084CVE-2023-53232CVE-2022-50861CVE-2023-28328CVE-2023-53147CVE-2023-53409CVE-2023-53602CVE-2023-53764CVE-2023-53086CVE-2023-54131CVE-2022-50781CVE-2022-50819CVE-2023-53095CVE-2023-53233CVE-2023-53390CVE-2023-53578CVE-2023-3212CVE-2023-53051CVE-2023-53077CVE-2023-54029 · pendingCVE-2023-54216CVE-2022-50882CVE-2023-53085CVE-2023-53421CVE-2023-53453CVE-2022-50475CVE-2023-53124CVE-2023-54040CVE-2022-50878CVE-2023-53288CVE-2022-40982CVE-2022-45887CVE-2022-50527CVE-2022-50544CVE-2023-52734 · pendingCVE-2023-53398CVE-2023-53556CVE-2022-50824CVE-2022-48988CVE-2022-50528CVE-2022-50718CVE-2023-53675CVE-2023-53832CVE-2023-54206CVE-2023-54259CVE-2021-43975CVE-2022-50760CVE-2023-54071CVE-2022-45869CVE-2022-50393CVE-2022-50473CVE-2023-4132CVE-2023-52938CVE-2023-54091CVE-2022-50750CVE-2023-53443CVE-2023-53717CVE-2023-53245CVE-2023-53410CVE-2023-53641CVE-2023-53786CVE-2023-53803CVE-2022-50667CVE-2022-50701CVE-2023-53679CVE-2022-49639CVE-2022-49647CVE-2022-50269CVE-2023-53126CVE-2023-53769CVE-2023-54321CVE-2022-50317CVE-2023-4208CVE-2023-53512CVE-2022-50699CVE-2023-54262CVE-2022-3594CVE-2022-49080CVE-2023-52977CVE-2023-53013CVE-2023-53026CVE-2023-53521CVE-2023-53646CVE-2023-54074CVE-2023-3141CVE-2023-53021CVE-2023-53466CVE-2023-54238CVE-2023-54270CVE-2022-48997CVE-2022-50470CVE-2022-50710CVE-2023-53816CVE-2024-0443CVE-2022-50365CVE-2022-50733CVE-2023-4128 · pendingCVE-2023-53532CVE-2023-54053CVE-2022-50619CVE-2023-1073CVE-2023-26545CVE-2023-53002CVE-2023-53594CVE-2022-50479CVE-2022-50728CVE-2022-50822CVE-2022-49890CVE-2022-50452CVE-2022-50555CVE-2023-28772CVE-2023-52991CVE-2023-53009CVE-2023-53678CVE-2023-54015CVE-2022-49853CVE-2022-50356CVE-2022-50412CVE-2023-53553CVE-2022-50046CVE-2023-33951CVE-2023-53767CVE-2023-54055CVE-2022-50396CVE-2023-0590CVE-2023-3268CVE-2023-53078CVE-2023-54108CVE-2022-49862CVE-2023-1382CVE-2023-53039CVE-2023-53058CVE-2022-50258CVE-2023-53105CVE-2023-53211CVE-2023-53359CVE-2023-54144CVE-2022-50778CVE-2022-50083 · pendingCVE-2022-50318CVE-2022-49864CVE-2022-28388CVE-2023-53598CVE-2023-53620CVE-2023-53753CVE-2023-33203CVE-2023-52931CVE-2023-54036CVE-2022-49356CVE-2022-50388CVE-2022-50472CVE-2022-50881CVE-2023-0458CVE-2023-1074CVE-2023-53044CVE-2023-54233CVE-2022-50809CVE-2023-53060CVE-2023-53079CVE-2023-53087CVE-2023-53120CVE-2023-53422CVE-2023-53677CVE-2023-53844CVE-2022-42895CVE-2022-49492CVE-2022-50275CVE-2022-50884CVE-2023-31436CVE-2023-53575CVE-2023-54037CVE-2022-50515CVE-2023-53241CVE-2023-53517CVE-2023-23455CVE-2023-33952CVE-2023-53028CVE-2023-53299CVE-2023-54300CVE-2025-38393CVE-2022-50290 · pendingCVE-2022-50303CVE-2023-1118CVE-2023-2269CVE-2023-51043CVE-2023-53431CVE-2023-53866CVE-2023-54102CVE-2022-50348CVE-2022-50578CVE-2022-50297CVE-2022-50385CVE-2023-35825 · pendingCVE-2023-53010CVE-2023-53015CVE-2023-53102CVE-2023-53591CVE-2022-50405CVE-2022-50627CVE-2022-50735CVE-2023-4207CVE-2023-53113

📋 Description

CVE-2021-43975 — kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c CVE-2022-3594 — kernel: Rate limit overflow messages in r8152 in intr_callback CVE-2022-3640 — kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c CVE-2022-4744 — kernel: tun: avoid double free in tun_free_netdev CVE-2022-28388 — kernel: double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c CVE-2022-38457 — kernel: vmwgfx: use-after-free in vmw_cmd_res_check CVE-2022-40133 — kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context CVE-2022-40982 — hw: Intel: Gather Data Sampling (GDS) side channel vulnerability CVE-2022-42895 — kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c CVE-2022-45869 — kernel: KVM: x86/mmu: race condition in direct_page_fault() CVE-2022-45887 — kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c CVE-2022-48988 — kernel: memcg: fix possible use-after-free in memcg_write_event_control() CVE-2022-48997 — kernel: char: tpm: Protect tpm_pm_suspend with locks CVE-2022-49028 — kernel: ixgbevf: Fix resource leak in ixgbevf_init_module() CVE-2022-49080 — kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace CVE-2022-49180 — kernel: LSM: general protection fault in legacy_parse_param CVE-2022-49356 — kernel: SUNRPC: Trap RDMA segment overflows CVE-2022-49401 — kernel: mm/page_owner: use strscpy() instead of strlcpy() CVE-2022-49492 — kernel: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags CVE-2022-49639 — kernel: cipso: Fix data-races around sysctl. CVE-2022-49647 — kernel: cgroup: Use separate src/dst nodes when preloading css_sets for migration CVE-2022-49675 — kernel: tick/nohz: unexport __init-annotated tick_nohz_full_setup() CVE-2022-49752 — kernel: device property: fix of node refcount leak in fwnode_graph_get_next_endpoint() CVE-2022-49773 — kernel: drm/amd/display: Fix optc2_configure warning on dcn314 CVE-2022-49827 — kernel: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() CVE-2022-49853 — kernel: net: macvlan: fix memory leaks of macvlan_common_newlink CVE-2022-49862 — kernel: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header CVE-2022-49864 — kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() CVE-2022-49890 — kernel: capabilities: fix potential memleak on error path from vfs_getxattr_alloc() CVE-2022-49903 — kernel: ipv6: fix WARNING in ip6_route_net_exit_late() CVE-2022-49944 — kernel: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()" CVE-2022-49995 — kernel: writeback: avoid use-after-free after removing device CVE-2022-50003 — kernel: ice: xsk: prohibit usage of non-balanced queue id CVE-2022-50046 — kernel: net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change() CVE-2022-50066 — kernel: net: atlantic: fix aq_vec index out of range error CVE-2022-50083 — kernel: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h CVE-2022-50148 — kernel: kernfs: fix potential NULL dereference in __kernfs_remove CVE-2022-50246 — kernel: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() CVE-2022-50247 — kernel: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq CVE-2022-50258 — kernel: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() CVE-2022-50269 — kernel: drm/vkms: Fix memory leak in vkms_init() CVE-2022-50275 — kernel: drm/radeon: Add the missed acpi_put_table() to fix memory leak CVE-2022-50279 — kernel: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() CVE-2022-50287 — kernel: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs CVE-2022-50290 — kernel: wifi: mac80211: fix memory leak in ieee80211_if_add() CVE-2022-50297 — kernel: wifi: ath9k: verify the expected usb_endpoints are present CVE-2022-50303 — kernel: drm/amdkfd: Fix double release compute pasid CVE-2022-50317 — kernel: drm/bridge: megachips: Fix a null pointer dereference bug CVE-2022-50318 — kernel: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() CVE-2022-50348 — kernel: nfsd: Fix a memory leak in an error handling path CVE-2022-50354 — kernel: Linux kernel: NULL pointer dereference in drm/amdkfd leads to Denial of Service CVE-2022-50356 — kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails CVE-2022-50365 — kernel: Linux kernel: Local denial of service in skbuff due to improper network buffer handling CVE-2022-50369 — kernel: drm/vkms: Fix null-ptr-deref in vkms_release() CVE-2022-50385 — kernel: NFS: Fix an Oops in nfs_d_automount() CVE-2022-50388 — kernel: nvme: fix multipath crash caused by flush request when blktrace is enabled CVE-2022-50389 — kernel: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak CVE-2022-50390 — kernel: Linux kernel: Denial of Service and information disclosure via undefined bit shift in drm/ttm CVE-2022-50393 — kernel: drm/amdgpu: SDMA update use unlocked iterator CVE-2022-50396 — kernel: net: sched: fix memory leak in tcindex_set_parms CVE-2022-50405 — kernel: net/tunnel: wait until all sk_user_data reader finish before releasing the sock CVE-2022-50406 — kernel: iomap: iomap: fix memory corruption when recording errors during writeback CVE-2022-50412 — kernel: drm: bridge: adv7511: unregister cec i2c device after cec adapter CVE-2022-50440 — kernel: Linux kernel: Denial of Service in vmwgfx due to invalid DMA surface copies CVE-2022-50452 — kernel: net: sched: cake: fix null pointer access issue when cake_init() fails CVE-2022-50464 — kernel: mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() CVE-2022-50470 — kernel: xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50472 — kernel: IB/mad: Don't call to function that might sleep while in atomic context CVE-2022-50473 — kernel: cpufreq: Init completion before kobject_init_and_add() CVE-2022-50475 — kernel: RDMA/core: Make sure "ib_port" is valid when access sysfs node CVE-2022-50479 — kernel: drm/amd: fix potential memory leak CVE-2022-50489 — kernel: drm/mipi-dsi: Detach devices when removing the host CVE-2022-50515 — kernel: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() CVE-2022-50520 — kernel: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() CVE-2022-50527 — kernel: drm/amdgpu: Fix size validation for non-exclusive domains (v4) CVE-2022-50528 — kernel: drm/amdkfd: Fix memory leakage CVE-2022-50532 — kernel: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() CVE-2022-50535 — kernel: drm/amd/display: Fix potential null-deref in dm_resume CVE-2022-50544 — kernel: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() CVE-2022-50555 — kernel: tipc: fix a null-ptr-deref in tipc_topsrv_accept CVE-2022-50556 — kernel: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() CVE-2022-50562 — kernel: tpm: acpi: Call acpi_put_table() to fix memory leak CVE-2022-50578 — kernel: Linux kernel: Memory leak in __class_register() CVE-2022-50617 — kernel: drm/amdgpu/powerplay/psm: Fix memory leak in power state init CVE-2022-50619 — kernel: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() CVE-2022-50626 — kernel: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() CVE-2022-50627 — kernel: wifi: ath11k: fix monitor mode bringup crash CVE-2022-50628 — kernel: drm/gud: Fix UBSAN warning CVE-2022-50667 — kernel: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() CVE-2022-50677 — kernel: ipmi: fix use after free in _ipmi_destroy_user() CVE-2022-50699 — kernel: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() CVE-2022-50700 — kernel: wifi: ath10k: Delay the unmapping of the buffer CVE-2022-50701 — kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host CVE-2022-50710 — kernel: Linux kernel: Denial of Service in ice driver via uninitialized transmit rings CVE-2022-50717 — kernel: nvmet-tcp: add bounds check on Transfer Tag CVE-2022-50718 — kernel: Linux kernel: Denial of Service due to PCI device reference count leak CVE-2022-50728 — kernel: Linux kernel: Denial of Service in s390/lcs network driver due to incompatible function pointer type CVE-2022-50733 — kernel: usb: idmouse: fix an uninit-value in idmouse_open CVE-2022-50735 — kernel: wifi: mt76: do not run mt76u_status_worker if the device is not running CVE-2022-50740 — kernel: Linux kernel: Denial of Service in ath9k Wi-Fi driver due to URB memory leak CVE-2022-50750 — kernel: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure CVE-2022-50760 — kernel: Linux kernel: Resource exhaustion in amdgpu due to PCI device reference count leak CVE-2022-50778 — kernel: fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL CVE-2022-50781 — kernel: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() CVE-2022-50784 — kernel: wifi: fix potential NULL-ptr deref after clone CVE-2022-50809 — kernel: Linux kernel xHCI DbC: Denial of Service via memory leak CVE-2022-50816 — kernel: ipv6: ensure sane device mtu in tunnels CVE-2022-50819 — kernel: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails CVE-2022-50822 — kernel: Linux kernel: Memory leak in RDMA restrack leads to Denial of Service CVE-2022-50824 — kernel: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak CVE-2022-50829 — kernel: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() CVE-2022-50842 — kernel: drm/virtio: Check whether transferred 2D BO is shmem CVE-2022-50844 — kernel: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback CVE-2022-50847 — kernel: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe CVE-2022-50861 — kernel: NFSD: Finish converting the NFSv2 GETACL result encoder CVE-2022-50878 — kernel: Linux kernel: Denial of service in lontium-lt9611 GPU driver due to NULL pointer dereference CVE-2022-50881 — kernel: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() CVE-2022-50882 — kernel: media: uvcvideo: Fix memory leak in uvc_gpio_parse CVE-2022-50884 — kernel: drm: Prevent drm_copy_field() to attempt copying a NULL pointer CVE-2023-0458 — kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c CVE-2023-0590 — kernel: use-after-free due to race condition in qdisc_graft() CVE-2023-0597 — kernel: x86/mm: Randomize per-cpu entry area CVE-2023-1073 — kernel: HID: check empty report_list in hid_validate_values() CVE-2023-1074 — kernel: sctp: fail if no bound addresses can be used for a given scope CVE-2023-1075 — kernel: net/tls: tls_is_tx_ready() checked list_entry CVE-2023-1079 — kernel: hid: Use After Free in asus_remove() CVE-2023-1118 — kernel: use-after-free in drivers/media/rc/ene_ir.c due to race condition CVE-2023-1206 — kernel: hash collisions in the IPv6 connection lookup table CVE-2023-1252 — kernel: ovl: fix use after free in struct ovl_aio_req CVE-2023-1382 — kernel: denial of service in tipc_conn_close CVE-2023-1855 — kernel: use-after-free bug in remove function xgene_hwmon_remove CVE-2023-1989 — kernel: Use after free bug in btsdio_remove due to race condition CVE-2023-1998 — kernel: Spectre v2 SMT mitigations problem CVE-2023-2269 — kernel: A possible deadlock in dm_get_inactive_table in dm- ioctl.c leads to dos CVE-2023-2513 — kernel: ext4: use-after-free in ext4_xattr_set_entry() CVE-2023-3141 — kernel: Use after free bug in r592_remove CVE-2023-3161 — kernel: fbcon: shift-out-of-bounds in fbcon_set_font() CVE-2023-3212 — kernel: gfs2: NULL pointer dereference in gfs2_evict_inode() CVE-2023-3268 — kernel: out-of-bounds access in relay_file_read CVE-2023-3609 — kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails CVE-2023-3611 — kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead CVE-2023-3772 — kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() CVE-2023-4128 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4132 — kernel: smsusb: use-after-free caused by do_submit_urb() CVE-2023-4155 — kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability CVE-2023-4206 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4207 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4208 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4732 — kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h CVE-2023-23455 — Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion CVE-2023-26545 — kernel: mpls: double free on sysctl allocation failure CVE-2023-28328 — kernel: Denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c CVE-2023-28772 — kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow CVE-2023-30456 — kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 CVE-2023-31084 — kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible CVE-2023-31436 — kernel: out-of-bounds write in qfq_change_class function CVE-2023-33203 — kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove() CVE-2023-33951 — kernel: vmwgfx: race condition leading to information disclosure vulnerability CVE-2023-33952 — kernel: vmwgfx: double free within the handling of vmw_buffer_object objects CVE-2023-35823 — kernel: saa7134: race condition leading to use-after-free in saa7134_finidev() CVE-2023-35824 — kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c() CVE-2023-35825 — kernel: r592: race condition leading to use-after-free in r592_remove() CVE-2023-51043 — kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c CVE-2023-52734 — kernel: net: sched: sch: Bounds check priority CVE-2023-52931 — kernel: drm/i915: Avoid potential vm use-after-free CVE-2023-52937 — kernel: HV: hv_balloon: fix memory leak with using debugfs_lookup() CVE-2023-52938 — kernel: usb: typec: ucsi: Don't attempt to resume the ports before they exist CVE-2023-52977 — kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new CVE-2023-52981 — kernel: drm/i915: Fix request ref counting during error capture & debugfs dump CVE-2023-52991 — kernel: net: fix NULL pointer in skb_segment_list CVE-2023-52997 — kernel: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() CVE-2023-53002 — kernel: drm/i915: Fix a memory leak with reused mmap_offset CVE-2023-53009 — kernel: drm/amdkfd: Add sync after creating vram bo CVE-2023-53010 — kernel: bnxt: Do not read past the end of test names CVE-2023-53013 — kernel: ptdma: pt_core_execute_cmd() should use spinlock CVE-2023-53015 — kernel: HID: betop: check shape of output reports CVE-2023-53021 — kernel: net/sched: sch_taprio: fix possible use-after-free CVE-2023-53026 — kernel: RDMA/core: Fix ib block iterator counter overflow CVE-2023-53028 — kernel: Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()" CVE-2023-53036 — kernel: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device CVE-2023-53039 — kernel: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function CVE-2023-53042 — kernel: drm/amd/display: Do not set DRR on pipe Commit CVE-2023-53044 — kernel: dm stats: check for and propagate alloc_percpu failure CVE-2023-53050 — kernel: thunderbolt: Fix memory leak in margining CVE-2023-53051 — kernel: dm crypt: add cond_resched() to dmcrypt_write() CVE-2023-53056 — kernel: scsi: qla2xxx: Synchronize the IOCB count to be in order CVE-2023-53058 — kernel: net/mlx5: E-Switch, Fix an Oops in error handling code CVE-2023-53060 — kernel: igb: revert rtnl_lock() that causes deadlock CVE-2023-53071 — kernel: wifi: mt76: do not run mt76_unregister_device() on unregistered hw CVE-2023-53077 — kernel: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes CVE-2023-53078 — kernel: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() CVE-2023-53079 — kernel: net/mlx5: Fix steering rules cleanup CVE-2023-53084 — kernel: drm/shmem-helper: Remove another errant put in error path CVE-2023-53085 — kernel: drm/edid: fix info leak when failing to get panel id CVE-2023-53086 — kernel: wifi: mt76: connac: do not check WED status for non-mmio devices CVE-2023-53087 — kernel: drm/i915/active: Fix misuse of non-idle barriers as fence trackers CVE-2023-53090 — kernel: drm/amdkfd: Fix an illegal memory access CVE-2023-53095 — kernel: drm/ttm: Fix a NULL pointer dereference CVE-2023-53102 — kernel: ice: xsk: disable txq irq before flushing hw CVE-2023-53105 — kernel: net/mlx5e: Fix cleanup null-ptr deref on encap lock CVE-2023-53108 — kernel: net/iucv: Fix size of interrupt data CVE-2023-53110 — kernel: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() CVE-2023-53112 — kernel: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access CVE-2023-53113 — kernel: wifi: nl80211: fix NULL-ptr deref in offchan check CVE-2023-53120 — kernel: scsi: mpi3mr: Fix config page DMA memory leak CVE-2023-53124 — kernel: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() CVE-2023-53126 — kernel: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove() CVE-2023-53132 — kernel: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() CVE-2023-53147 — kernel: xfrm: add NULL check in xfrm_update_ae_params CVE-2023-53185 — kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes CVE-2023-53188 — kernel: net: openvswitch: fix race on port output CVE-2023-53197 — kernel: USB: uhci: fix memory leak with using debugfs_lookup() CVE-2023-53211 — kernel: Linux kernel: Memory leak in driver core location can lead to denial of service CVE-2023-53213 — kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() CVE-2023-53229 — kernel: wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta CVE-2023-53232 — kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data CVE-2023-53233 — kernel: Linux kernel: Denial of Service via deadlock in net/smc CVE-2023-53241 — kernel: nfsd: call op_release, even when op_func returns an error CVE-2023-53245 — kernel: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts CVE-2023-53254 — kernel: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels CVE-2023-53288 — kernel: drm/client: Fix memory leak in drm_client_modeset_probe CVE-2023-53296 — kernel: sctp: check send stream number after wait_for_sndbuf CVE-2023-53299 — kernel: md/raid10: fix leak of 'r10bio->remaining' for recovery CVE-2023-53320 — kernel: scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() CVE-2023-53359 — kernel: USB: fix memory leak with using debugfs_lookup() CVE-2023-53372 — kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip CVE-2023-53376 — kernel: scsi: mpi3mr: Use number of bits to manage bitmap sizes CVE-2023-53390 — kernel: drivers: base: dd: fix memory leak with using debugfs_lookup() CVE-2023-53398 — kernel: mlx5: fix possible ptp queue fifo use-after-free CVE-2023-53400 — kernel: Linux kernel: ALSA HDA denial of service via array overflow CVE-2023-53409 — kernel: drivers: base: component: fix memory leak with using debugfs_lookup() CVE-2023-53410 — kernel: USB: ULPI: fix memory leak with using debugfs_lookup() CVE-2023-53421 — kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() CVE-2023-53422 — kernel: wifi: iwlwifi: fw: fix memory leak in debugfs CVE-2023-53430 — kernel: wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup CVE-2023-53431 — kernel: Linux kernel: Denial of Service in scsi_ses due to enclosure with no components CVE-2023-53437 — kernel: media: uvcvideo: Handle cameras with invalid descriptors CVE-2023-53443 — kernel: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak CVE-2023-53453 — kernel: drm/radeon: free iio for atombios when driver shutdown CVE-2023-53466 — kernel: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit CVE-2023-53512 — kernel: scsi: mpt3sas: Fix a memory leak CVE-2023-53517 — kernel: Linux kernel: Denial of Service via malicious MTU negotiation in TIPC CVE-2023-53521 — kernel: scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() CVE-2023-53524 — kernel: Linux kernel: Integer overflow in iwlwifi debugfs function CVE-2023-53532 — kernel: wifi: ath11k: fix deinitialization of firmware resources CVE-2023-53553 — kernel: HID: hyperv: avoid struct memcpy overrun warning CVE-2023-53556 — kernel: Linux kernel iavf driver: Denial of Service via use-after-free vulnerability CVE-2023-53575 — kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access CVE-2023-53578 — kernel: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() CVE-2023-53582 — kernel: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds CVE-2023-53591 — kernel: net/mlx5e: Fix deadlock in tc route query code CVE-2023-53594 — kernel: driver core: fix resource leak in device_add() CVE-2023-53598 — kernel: bus: mhi: host: Range check CHDBOFF and ERDBOFF CVE-2023-53602 — kernel: wifi: ath11k: fix memory leak in WMI firmware stats CVE-2023-53605 — kernel: drm: amd: display: Fix memory leakage CVE-2023-53607 — kernel: ALSA: ymfpci: Fix BUG_ON in probe function CVE-2023-53620 — kernel: md: fix soft lockup in status_resync CVE-2023-53624 — kernel: net/sched: sch_fq: fix integer overflow of "credit" CVE-2023-53625 — kernel: drm/i915/gvt: fix vgpu debugfs clean in remove CVE-2023-53639 — kernel: wifi: ath6kl: reduce WARN to dev_dbg() in callback CVE-2023-53641 — kernel: wifi: ath9k: hif_usb: fix memory leak of remain_skbs CVE-2023-53646 — kernel: drm/i915/perf: add sentinel to xehp_oa_b_counters CVE-2023-53675 — kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses CVE-2023-53677 — kernel: drm/i915: Fix memory leaks in i915 selftests CVE-2023-53678 — kernel: drm/i915: Fix system suspend without fbdev being initialized CVE-2023-53679 — kernel: wifi: mt7601u: fix an integer underflow CVE-2023-53710 — kernel: wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read CVE-2023-53717 — kernel: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() CVE-2023-53753 — kernel: drm/amd/display: fix mapping to non-allocated address CVE-2023-53755 — kernel: dmaengine: ptdma: check for null desc before calling pt_cmd_callback CVE-2023-53764 — kernel: wifi: ath12k: Handle lock during peer_id find CVE-2023-53765 — kernel: dm cache: free background tracker's queued work in btracker_destroy CVE-2023-53767 — kernel: Linux kernel: Denial of Service via memory leak in ath12k Wi-Fi driver CVE-2023-53769 — kernel: virt/coco/sev-guest: Double-buffer messages CVE-2023-53780 — kernel: drm/amd/display: fix FCLK pstate change underflow CVE-2023-53786 — kernel: dm flakey: fix a crash with invalid table line CVE-2023-53793 — kernel: perf tool x86: Fix perf_env memory leak CVE-2023-53803 — kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() CVE-2023-53816 — kernel: drm/amdkfd: fix potential kgd_mem UAFs CVE-2023-53832 — kernel: md/raid10: fix null-ptr-deref in raid10_sync_request CVE-2023-53844 — kernel: drm/ttm: Don't leak a resource on swapout move error CVE-2023-53866 — kernel: ASoC: soc-compress: Reposition and add pcm_mutex CVE-2023-54011 — kernel: scsi: mpi3mr: Fix an issue found by KASAN CVE-2023-54015 — kernel: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device CVE-2023-54029 — kernel: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO CVE-2023-54036 — kernel: Linux kernel: Denial of Service due to memory leak in rtl8xxxu Wi-Fi driver CVE-2023-54037 — kernel: Linux kernel: Denial of Service in ice driver via ethtool reload CVE-2023-54040 — kernel: Linux kernel: Denial of Service due to incorrect FDIR filter fallback logic CVE-2023-54053 — kernel: Linux kernel: Denial of Service in iwlwifi due to NULL pointer dereference CVE-2023-54055 — kernel: Linux kernel: Memory leak in RDMA/irdma subsystem leads to Denial of Service CVE-2023-54071 — kernel: wifi: rtw88: use work to update rate to avoid RCU warning CVE-2023-54074 — kernel: Linux kernel: Denial of Service in mlx5e due to incorrect encap attribute handling CVE-2023-54091 — kernel: Linux kernel: Denial of Service due to memory leak in drm_client_target_cloned function CVE-2023-54098 — kernel: Kernel: NULL pointer dereference in Intel GVT-g debugfs during device removal CVE-2023-54102 — kernel: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow CVE-2023-54108 — kernel: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests CVE-2023-54123 — kernel: Kernel: Denial of Service due to memory leak in RAID10 functionality CVE-2023-54131 — kernel: Linux kernel rt2x00 Wi-Fi driver: Denial of Service via memory leak during device removal CVE-2023-54144 — kernel: drm/amdkfd: Fix kernel warning during topology setup CVE-2023-54191 — kernel: Linux kernel: Memory leak in mt76 Wi-Fi driver leads to Denial of Service CVE-2023-54202 — kernel: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl CVE-2023-54206 — kernel: net/sched: flower: fix filter idr initialization CVE-2023-54216 — kernel: net/mlx5e: TC, Fix using eswitch mapping in nic mode CVE-2023-54233 — kernel: ASoC: SOF: avoid a NULL dereference with unsupported widgets CVE-2023-54234 — kernel: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization CVE-2023-54238 — kernel: Linux kernel: Denial of Service in mlx5 driver due to memory leaks CVE-2023-54259 — kernel: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow CVE-2023-54262 — kernel: net/mlx5e: Don't clone flow post action attributes second time CVE-2023-54265 — kernel: ipv6: Fix an uninit variable access bug in __ip6_make_skb() CVE-2023-54270 — kernel: media: usb: siano: Fix use after free bugs caused by do_submit_urb CVE-2023-54275 — kernel: Linux kernel: Memory leak in ath11k Wi-Fi driver leads to Denial of Service CVE-2023-54286 — kernel: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace CVE-2023-54294 — kernel: md/raid10: fix memleak of md thread CVE-2023-54300 — kernel: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx CVE-2023-54308 — kernel: ALSA: ymfpci: Create card with device-managed snd_devm_card_new() CVE-2023-54317 — kernel: dm flakey: don't corrupt the zero page CVE-2023-54321 — kernel: driver core: fix potential null-ptr-deref in device_add() CVE-2023-54325 — kernel: crypto: qat - fix out-of-bounds read CVE-2024-0443 — kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline. CVE-2024-57876 — kernel: drm/dp_mst: Fix resetting msg rx state after topology removal CVE-2025-38393 — kernel: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN

🔗 References (71)