5.5
CVE-2023-53048 - usb: typec: tcpm: fix warning when handle discover_identity message
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discover_identity message Since both source and sink device can send discover_identity message in PD3, kernel may dump below warning: ------------[ cut here ]------------ WARNING: CPU: 0β¦
7.1
CVE-2023-53135 - riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode
In the Linux kernel, the following vulnerability has been resolved: riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode When CONFIG_FRAME_POINTER is unset, the stack unwinding function walk_stackframe randomly reads the stack and then, when KASAN is enabled, it can lead to the followinβ¦
5.5
CVE-2023-53132 - scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() Free mpi3mr_hba_port at .remove.
7.1
CVE-2023-53136 - af_unix: fix struct pid leaks in OOB support
In the Linux kernel, the following vulnerability has been resolved: af_unix: fix struct pid leaks in OOB support syzbot reported struct pid leak [1]. Issue is that queue_oob() calls maybe_add_creds() which potentially holds a reference on a pid. But skb->destructor is not set (either directly oβ¦
5.5
CVE-2023-53115 - scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc() Don't allocate memory again when IOC is being reinitialized.
5.5
CVE-2023-53101 - ext4: zero i_disksize when initializing the bootloader inode
In the Linux kernel, the following vulnerability has been resolved: ext4: zero i_disksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4_IOC_SWAP_BOOT inode will initialize it, including setting the i_size to 0. However, if the "never before β¦
5.5
CVE-2023-53127 - scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix expander node leak in mpi3mr_remove() Add a missing resource clean up in .remove.
5.5
CVE-2023-53061 - ksmbd: fix possible refcount leak in smb2_open()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible refcount leak in smb2_open() Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posix_acl_release().
4.4
CVE-2025-47201 -
In Intrexx Portal Server before 12.0.4, multiple Velocity-Scripts are susceptible to the execution of unrequested JavaScript code in HTML, aka XSS.
7.8
CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc_change_class() wheβ¦