[Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec

Tue Sep 16 14:35:06 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9fccec5c by Salvatore Bonaccorso at 2025-09-16T15:34:40+02:00
Merge Linux CVE changes from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,48 @@
+CVE-2023-53272 [net: ena: fix shift-out-of-bounds in exponential backoff]
+	- linux 6.4.11-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/1e9cb763e9bacf0c932aa948f50dcfca6f519a26 (6.5-rc2)
+CVE-2023-53271 [ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/1e591ea072df7211f64542a09482b5f81cb3ad27 (6.3-rc1)
+CVE-2023-53270 [ext4: fix i_disksize exceeding i_size problem in paritally written case]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	NOTE: https://git.kernel.org/linus/1dedde690303c05ef732b7c5c8356fdf60a4ade3 (6.4-rc1)
+CVE-2023-53269 [block: ublk: make sure that block size is set correctly]
+	- linux 6.1.25-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1d1665279a845d16c93687389e364386e3fe0f38 (6.3-rc6)
+CVE-2023-53268 [ASoC: fsl_mqs: move of_node_put() to the correct location]
+	- linux 6.3.7-1
+	[bookworm] - linux 6.1.37-1
+	[bullseye] - linux 5.10.191-1
+	NOTE: https://git.kernel.org/linus/1c34890273a020d61d6127ade3f68ed1cb21c16a (6.4-rc1)
+CVE-2023-53267 [driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event()]
+	- linux 6.1.20-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1bea534991b9b35c41848a397666ada436456beb (6.3-rc1)
+CVE-2023-53266 [arm64: acpi: Fix possible memory leak of ffh_ctxt]
+	- linux 6.3.7-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1b561d3949f8478c5403c9752b5533211a757226 (6.3-rc1)
+CVE-2023-53265 [ubi: ensure that VID header offset + VID header size <= alloc, size]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/1b42b1a36fc946f0d7088425b90d491b4257ca3e (6.3-rc1)
+CVE-2023-53264 [clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe]
+	- linux 6.4.4-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1b280598ab3bd8a2dc8b96a12530d5b1ee7a8f4a (6.5-rc1)
+CVE-2023-53263 [drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create]
+	- linux 6.4.13-1
+	[bookworm] - linux 6.1.52-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1b254b791d7b7dea6e8adc887fbbd51746d8bb27 (6.5-rc7)
 CVE-2025-9808 (The The Events Calendar plugin for WordPress is vulnerable to Informat ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-6999 (An HTTP Request Smuggling [CWE-444] vulnerability in the Authenticatio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fccec5ce48713a75e6ee04eaa84a6bf8f9a1b46

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fccec5ce48713a75e6ee04eaa84a6bf8f9a1b46
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250916/6b065b67/attachment-0001.htm>
