rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53488 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work be | |
| CVE-2023-53487 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas_flash: allow user copy to flash block cache objects With hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), using the /proc/powerpc/rtas/firmware_update interface to prepare a system firmware | |
| CVE-2023-53485 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6 index -84 is out of range for type 's8[341]' | |
| CVE-2023-53482 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix error unwind in iommu_group_alloc() If either iommu_group_grate_file() fails then the iommu_group is leaked. Destroy it on these error paths. Found by kselftest/iommu/iommufd_fail_nth | |
| CVE-2023-53480 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: kobject: Add sanity check for kset->kobj.ktype in kset_register() When I register a kset in the following way: static struct kset my_kset; kobject_set_name(&my_kset.kobj, "my_kset"); ret = kset_regist | |
| CVE-2023-53476 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep | |
| CVE-2023-53475 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: [ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/ | |
| CVE-2023-53474 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bank_map Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64"). However, the bank_map which contains a bitfi | |
| CVE-2023-53473 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, cas | |
| CVE-2023-53472 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm | |
| CVE-2023-53471 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert. So in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_erro | |
| CVE-2023-53468 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297 | |
| CVE-2023-53466 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firmware_state fails. | |
| CVE-2023-53465 | Hig | 7.1 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to | |
| CVE-2023-53464 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr- | |
| CVE-2023-53463 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stats on NON_FATAL err All ibmvnic resets, make a call to netdev_tx_reset_queue() when re-opening the device. netdev_tx_reset_queue() resets the num_queued and num_completed byte count | |
| CVE-2023-53458 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish() When the driver calls cx23885_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a | |
| CVE-2023-53457 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fix null-ptr-deref Read in txBegin Syzkaller reported an issue where txBegin may be called on a superblock in a read-only mounted filesystem which leads to NULL pointer deref. This could be solved b | |
| CVE-2023-53456 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry() - qla4xxx_iface_set_param() - qla4xxx_sysfs_ddb_set_param() and each of | |
| CVE-2023-53454 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le |
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work be
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas_flash: allow user copy to flash block cache objects With hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), using the /proc/powerpc/rtas/firmware_update interface to prepare a system firmware
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6 index -84 is out of range for type 's8[341]'
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix error unwind in iommu_group_alloc() If either iommu_group_grate_file() fails then the iommu_group is leaked. Destroy it on these error paths. Found by kselftest/iommu/iommufd_fail_nth
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: kobject: Add sanity check for kset->kobj.ktype in kset_register() When I register a kset in the following way: static struct kset my_kset; kobject_set_name(&my_kset.kobj, "my_kset"); ret = kset_regist
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: [ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bank_map Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64"). However, the bank_map which contains a bitfi
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, cas
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert. So in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_erro
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firmware_state fails.
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stats on NON_FATAL err All ibmvnic resets, make a call to netdev_tx_reset_queue() when re-opening the device. netdev_tx_reset_queue() resets the num_queued and num_completed byte count
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish() When the driver calls cx23885_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fix null-ptr-deref Read in txBegin Syzkaller reported an issue where txBegin may be called on a superblock in a read-only mounted filesystem which leads to NULL pointer deref. This could be solved b
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry() - qla4xxx_iface_set_param() - qla4xxx_sysfs_ddb_set_param() and each of
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le
Page 33 of 236