rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3,027)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54083 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy th | ||
| CVE-2023-54079 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work ite | ||
| CVE-2023-54078 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is leaked in some probe-time error paths, as well as in the remove path. Fix it. | ||
| CVE-2023-54076 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the n | ||
| CVE-2023-54072 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper l | ||
| CVE-2023-54064 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function ca | ||
| CVE-2023-54058 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Check if ffa_driver remove is present before executing Currently ffa_drv->remove() is called unconditionally from ffa_device_remove(). Since the driver registration doesn't check for it and a | ||
| CVE-2023-54055 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC obj | ||
| CVE-2023-54053 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwl_pci_probe() will fail and free the trans, then afterwards iwl_pci_remove() will be called and crash by trying to access trans w | ||
| CVE-2023-54051 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because thi | ||
| CVE-2023-54050 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a memleak for copied up znode: dirty_cow_znode zn = copy_znode(c, znode); err = insert_old_idx(c, zbr->lnum, zbr->offs); if (u | ||
| CVE-2023-54049 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. | ||
| CVE-2023-54048 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP | ||
| CVE-2023-54046 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller | ||
| CVE-2023-54045 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y && | ||
| CVE-2022-50782 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid | ||
| CVE-2022-50781 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bound | ||
| CVE-2022-50779 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): com | ||
| CVE-2022-50777 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. | ||
| CVE-2022-50776 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it. |
- CVE-2023-54083Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and use the port dev driver as the dev driver of usb-phy. When we try to destroy th
- CVE-2023-54079Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: power: supply: bq27xxx: Fix poll_interval handling and races on remove Before this patch bq27xxx_battery_teardown() was setting poll_interval = 0 to avoid bq27xxx_battery_update() requeuing the delayed_work ite
- CVE-2023-54078Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is leaked in some probe-time error paths, as well as in the remove path. Fix it.
- CVE-2023-54076Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the n
- CVE-2023-54072Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper l
- CVE-2023-54064Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function ca
- CVE-2023-54058Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Check if ffa_driver remove is present before executing Currently ffa_drv->remove() is called unconditionally from ffa_device_remove(). Since the driver registration doesn't check for it and a
- CVE-2023-54055Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC obj
- CVE-2023-54053Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwl_pci_probe() will fail and free the trans, then afterwards iwl_pci_remove() will be called and crash by trying to access trans w
- CVE-2023-54051Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because thi
- CVE-2023-54050Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a memleak for copied up znode: dirty_cow_znode zn = copy_znode(c, znode); err = insert_old_idx(c, zbr->lnum, zbr->offs); if (u
- CVE-2023-54049Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
- CVE-2023-54048Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP
- CVE-2023-54046Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller
- CVE-2023-54045Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y &&
- CVE-2022-50782Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid
- CVE-2022-50781Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bound
- CVE-2022-50779Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): com
- CVE-2022-50777Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore.
- CVE-2022-50776Dec 24, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it.
Page 10 of 152