5.5
CVE-2023-53127 - scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix expander node leak in mpi3mr_remove() Add a missing resource clean up in .remove.
5.5
CVE-2023-53061 - ksmbd: fix possible refcount leak in smb2_open()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible refcount leak in smb2_open() Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posix_acl_release().
4.4
CVE-2025-47201 -
In Intrexx Portal Server before 12.0.4, multiple Velocity-Scripts are susceptible to the execution of unrequested JavaScript code in HTML, aka XSS.
7.8
CVE-2025-37797 - net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc_change_class() wheβ¦
5.5
CVE-2023-53103 - bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in theβ¦
7.8
CVE-2023-53037 - scsi: mpi3mr: Bad drive in topology results kernel crash
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an internaβ¦
7.1
CVE-2023-53057 - Bluetooth: HCI: Fix global-out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hci_init_stage_sync(stage) considers that stage[i] is valid as long as stage[i-1].func is valid. Thus, the last element of stage[].func should be intentionβ¦
7.8
CVE-2023-53072 - mptcp: use the workqueue to destroy unaccepted sockets
In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in __token_bucket_busy+0x253/0x260β¦
5.5
CVE-2023-53104 - kernel: net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.8
CVE-2023-53142 - ice: copy last block omitted in ice_get_module_eeprom()
In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in ice_get_module_eeprom() ice_get_module_eeprom() is broken since commit e9c9692c8a81 ("ice: Reimplement module reads used by ethtool") In this refactor, ice_get_module_eeprom() reads the eeprom in bβ¦