suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5

Vulnerabilities (4,701)

• CVE-2023-54262Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5e_clone_flow_attr_for_post_act(). Creating another copy in mlx5e_tc_post_act_add() is a erron

• CVE-2023-54260Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy() will directly return, then the connection info will be leake

• CVE-2023-54254Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on eviction error On eviction errors other than -EMULTIHOP we were leaking a resource. Fix. v2: - Avoid yet another goto (Andi Shyti)

• CVE-2023-54252Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings My previous commit introduced a memory leak where the item allocated from tlmi_setting was not freed. This commit also renames it

• CVE-2023-54251Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() called from get_cycle_time_elapsed(), where sched->cycle_time is the divisor. We h

• CVE-2023-54245Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue:

• CVE-2023-54244Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callbac

• CVE-2023-54243Dec 30, 2025
  affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix table blob use-after-free We are not allowed to return an error at this point. Looking at the code it looks like ret is always 0 at this point, but its not. t = find_table_lock(net, re

• CVE-2023-54242Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by zero error. Fix this by continuing to the next level. This was discovered by runn

• CVE-2023-54238Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napi_consume nor by dev_kfree_skb_any. Add call to napi_consume_skb to pro

• CVE-2023-54236Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: net/net_failover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned fr

• CVE-2023-54234Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization Commit c1af985d27da ("scsi: mpi3mr: Add Event acknowledgment logic") introduced an array mrioc->evtack_cmds but initialization of the array elements w

• CVE-2023-54230Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By us

• CVE-2023-54229Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel will fail to register:

• CVE-2023-54226Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_po

• CVE-2023-54219Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert connection") is causing problems on OPA when DEVICE_REMOVAL is happening. ---------

• CVE-2023-54214Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling alloc_skb which may release the chan lock and reacquire later which makes it possible that

• CVE-2023-54213Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID

• CVE-2023-54211Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Fix warning in trace_buffered_event_disable() Warning happened in trace_buffered_event_disable() at WARN_ON_ONCE(!trace_buffered_event_ref) Call Trace: ? __warn+0xa5/0x1b0 ? trace_buffered_e

• CVE-2023-54210Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor() KASAN reports that there's a use-after-free in hci_remove_adv_monitor(). Trawling through the disassembly, you can see that the comp