rpm package
suse/kernel-64kb&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
Vulnerabilities (2,262)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68758 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a | ||
| CVE-2025-68757 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put(). | ||
| CVE-2025-68753 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite | ||
| CVE-2023-54326 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device m | ||
| CVE-2023-54324 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipath_message calling dm_get_device and dm_put_device. retrieve_deps walks the list o | ||
| CVE-2023-54322 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks() is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text() which is called by filter_ | ||
| CVE-2023-54319 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devm_kasprintf() devm_kasprintf() returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified | ||
| CVE-2023-54318 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add While doing smcr_port_add, there maybe linkgroup add into or delete from smc_lgr_list.list at the same time, which may result | ||
| CVE-2023-54316 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following error: [ 8569.952896] BUG: unable to handle page fault for address: ffffffffffff | ||
| CVE-2023-54315 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by | ||
| CVE-2023-54314 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data fi | ||
| CVE-2023-54313 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_p | ||
| CVE-2023-54312 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct. | ||
| CVE-2023-54309 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by | ||
| CVE-2023-54304 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device. | ||
| CVE-2023-54303 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_perf_event_output The nesting protection in bpf_perf_event_output relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpf_perf_event_output ca | ||
| CVE-2023-54302 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_cqp_progress while it can be updated in the completion thread irdma_sc_ccq_get_cq | ||
| CVE-2023-54300 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx For the reasons also described in commit b383e8abed41 ("wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()"), ath9k_htc_rx_msg() should | ||
| CVE-2023-54299 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data | ||
| CVE-2023-54297 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At exclude_super_stripes(), if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we e |
- CVE-2025-68758Jan 5, 2026affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a
- CVE-2025-68757Jan 5, 2026affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().
- CVE-2025-68753Jan 5, 2026affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite
- CVE-2023-54326Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device m
- CVE-2023-54324Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipath_message calling dm_get_device and dm_put_device. retrieve_deps walks the list o
- CVE-2023-54322Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks() is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text() which is called by filter_
- CVE-2023-54319Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devm_kasprintf() devm_kasprintf() returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified
- CVE-2023-54318Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add While doing smcr_port_add, there maybe linkgroup add into or delete from smc_lgr_list.list at the same time, which may result
- CVE-2023-54316Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following error: [ 8569.952896] BUG: unable to handle page fault for address: ffffffffffff
- CVE-2023-54315Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by
- CVE-2023-54314Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data fi
- CVE-2023-54313Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_p
- CVE-2023-54312Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct.
- CVE-2023-54309Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by
- CVE-2023-54304Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: firmware: meson_sm: fix to avoid potential NULL pointer dereference of_match_device() may fail and returns a NULL pointer. Fix this by checking the return value of of_match_device.
- CVE-2023-54303Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_perf_event_output The nesting protection in bpf_perf_event_output relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpf_perf_event_output ca
- CVE-2023-54302Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdma_wait_event and irdma_check_cqp_progress while it can be updated in the completion thread irdma_sc_ccq_get_cq
- CVE-2023-54300Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx For the reasons also described in commit b383e8abed41 ("wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()"), ath9k_htc_rx_msg() should
- CVE-2023-54299Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: bus: verify partner exists in typec_altmode_attention Some usb hubs will negotiate DisplayPort Alt mode with the device but will then negotiate a data role swap after entering the alt mode. The data
- CVE-2023-54297Dec 30, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At exclude_super_stripes(), if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we e
Page 13 of 114