suse/kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

Vulnerabilities (2,830)

• CVE-2023-53564Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub-

• CVE-2023-53560Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables

• CVE-2023-53559Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may

• CVE-2023-53556Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and leave invalid pointers at dev->napi_l

• CVE-2023-53554Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.

• CVE-2023-53553Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still see this one with gcc-9: In file included from include/linux/string.h:254,

• CVE-2023-53552Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915_requests may be trapped by userspace inside a sync_file or dmabuf (dma-resv) and held indefinitely across different pro

• CVE-2023-53551Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport. And if a wakeup interrupt triggers afterwards, gserial_resume gets call

• CVE-2023-53548Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/

• CVE-2023-53542Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back in 2016 wasn't used on Exynos5420, which caused a kernel panic. Add the

• CVE-2023-53541Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on the oob source buffer at the las

• CVE-2023-53534Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.

• CVE-2023-53533Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths as well. Use devm_rpi_firmware_get() helper to handling the resources. Also remo

• CVE-2022-50485Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad in

• CVE-2022-50484Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, whe

• CVE-2022-50482Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there w

• CVE-2022-50480Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() The break of for_each_available_child_of_node() needs a corresponding of_node_put() when the reference 'child' is not used anymore. Here we do not n

• CVE-2022-50478Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount time". The first patch fixes a bug reported by syzbot, and the second on

• CVE-2022-50475Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs n

• CVE-2022-50472Oct 4, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey() in atomic context. WARNING: