OVAL

DSA-5448-1 linux -- linux

ID: oval:org.secpod.oval:def:95367
Date: (C)2023-12-05   (M)2024-04-25
Class: PATCH
Family: unix




Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2023-2124
Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing metadata validation may result in denial of service or potential privilege escalation if a corrupted XFS disk image is mounted.

CVE-2023-2156
It was discovered that the IPv6 RPL protocol implementation in the Linux kernel did not properly handle user-supplied data, resulting in a triggerable assertion. An unauthenticated remote attacker can take advantage of this flaw for denial of service.

CVE-2023-2269
Zheng Zhang reported that improper handling of locking in the device mapper implementation may result in denial of service.

CVE-2023-3090
It was discovered that missing initialization in ipvlan networking may lead to an out-of-bounds write vulnerability, resulting in denial of service or potentially the execution of arbitrary code.

CVE-2023-3212
Yang Lan discovered that missing validation in the GFS2 filesystem could result in denial of service via a NULL pointer dereference when mounting a malformed GFS2 filesystem.

CVE-2023-3268
It was discovered that an out-of-bounds memory access in relayfs could result in denial of service or an information leak.

CVE-2023-3269
Ruihan Li discovered that incorrect lock handling for accessing and updating virtual memory areas may result in privilege escalation.

CVE-2023-3390
A use-after-free flaw in the netfilter subsystem caused by incorrect error path handling may result in denial of service or privilege escalation.

CVE-2023-31084
It was discovered that the DVB Core driver does not properly handle locking of certain events, allowing a local user to cause a denial of service.

CVE-2023-32250 / CVE-2023-32254
Quentin Minster discovered two race conditions in KSMBD, a kernel server which implements the SMB3 protocol, which could result in denial of service or potentially the execution of arbitrary code.

CVE-2023-35788
Hangyu Hua discovered an out-of-bounds write vulnerability in the Flower classifier which may result in denial of service or the execution of arbitrary code.

Platform:
Linux Mint 6
Product:
linux-support-6.1
linux-image-6.1
linux-headers-6.1
bpftool
hyperv-daemons
libcpupower-dev
libcpupower1
usbip
Reference:
DSA-5448-1
CVE-2023-2124
CVE-2023-2156
CVE-2023-2269
CVE-2023-3090
CVE-2023-3212
CVE-2023-3268
CVE-2023-3269
CVE-2023-3390
CVE-2023-31084
CVE-2023-32250
CVE-2023-32254
CVE-2023-35788

© SecPod Technologies