rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3,027)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50668 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4_xattr_block_set() where we constantly keep finding xattr block for reuse in mbca | ||
| CVE-2022-50666 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siw | ||
| CVE-2022-50664 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw | ||
| CVE-2022-50662 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hns_roce_alloc_mr() When hns_roce_mr_enable() failed in hns_roce_alloc_mr(), mr_key is not released. Compiled test only. | ||
| CVE-2022-50661 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects i | ||
| CVE-2022-50660 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipw_wdev_init() In the error path of ipw_wdev_init(), exception value is returned, and the memory applied for in the function is not released. Also the memory is not released i | ||
| CVE-2022-50658 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the e | ||
| CVE-2023-53819 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va This is motivated by OOB access in amdgpu_vm_update_range when offset_in_bo+map_size overflows. v2: keep the validations in amdgpu_vm_bo_map v3: add the valid | ||
| CVE-2023-53818 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: zynq: Fix refcount leak in zynq_early_slcr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on error path. Add missing of_node_put() to avoid ref | ||
| CVE-2023-53814 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) # cat /sys/kernel/debug/kmemleak unreferenced objec | ||
| CVE-2023-53811 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to num_online_cpus() + 1 and the kernel warning stack below is shown if that number is exceeded. The | ||
| CVE-2023-53808 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix memory leak in mwifiex_histogram_read() Always free the zeroed page on return from 'mwifiex_histogram_read()'. | ||
| CVE-2023-53804 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). However, | ||
| CVE-2023-53803 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task syste | ||
| CVE-2023-53802 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. Ho | ||
| CVE-2023-53794 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in s | ||
| CVE-2023-53792 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error. | ||
| CVE-2023-53788 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A). static int tuning_ctl_set(...) { for (i = 0; i < T | ||
| CVE-2023-53786 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 `blockdev --getsize /dev/ram0` flakey /dev/ram0 0 0 1 2 corrupt_bio_by | ||
| CVE-2023-53783 | — | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PR |
- CVE-2022-50668Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4_xattr_block_set() where we constantly keep finding xattr block for reuse in mbca
- CVE-2022-50666Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siw
- CVE-2022-50664Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw
- CVE-2022-50662Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hns_roce_alloc_mr() When hns_roce_mr_enable() failed in hns_roce_alloc_mr(), mr_key is not released. Compiled test only.
- CVE-2022-50661Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects i
- CVE-2022-50660Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipw_wdev_init() In the error path of ipw_wdev_init(), exception value is returned, and the memory applied for in the function is not released. Also the memory is not released i
- CVE-2022-50658Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the e
- CVE-2023-53819Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va This is motivated by OOB access in amdgpu_vm_update_range when offset_in_bo+map_size overflows. v2: keep the validations in amdgpu_vm_bo_map v3: add the valid
- CVE-2023-53818Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ARM: zynq: Fix refcount leak in zynq_early_slcr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on error path. Add missing of_node_put() to avoid ref
- CVE-2023-53814Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) # cat /sys/kernel/debug/kmemleak unreferenced objec
- CVE-2023-53811Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to num_online_cpus() + 1 and the kernel warning stack below is shown if that number is exceeded. The
- CVE-2023-53808Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix memory leak in mwifiex_histogram_read() Always free the zeroed page on return from 'mwifiex_histogram_read()'.
- CVE-2023-53804Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). However,
- CVE-2023-53803Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task syste
- CVE-2023-53802Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. Ho
- CVE-2023-53794Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in s
- CVE-2023-53792Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error.
- CVE-2023-53788Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A). static int tuning_ctl_set(...) { for (i = 0; i < T
- CVE-2023-53786Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 `blockdev --getsize /dev/ram0` flakey /dev/ram0 0 0 1 2 corrupt_bio_by
- CVE-2023-53783Dec 9, 2025affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PR
Page 16 of 152