rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,617)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53276 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t | ||
| CVE-2023-53275 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access | ||
| CVE-2023-53273 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset | ||
| CVE-2023-53272 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b | ||
| CVE-2023-53270 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len | ||
| CVE-2023-53268 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes | ||
| CVE-2023-53265 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c | ||
| CVE-2023-53263 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calling drm_connector_init on it. We need to clean up the drm side first. It might no | ||
| CVE-2022-50334 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000 | ||
| CVE-2022-50333 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor. | ||
| CVE-2022-50331 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name( | ||
| CVE-2022-50330 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect | ||
| CVE-2022-50329 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first | ||
| CVE-2022-50328 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head | ||
| CVE-2022-50327 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje | ||
| CVE-2022-50325 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes. Fix by utilizing min_t(). | ||
| CVE-2022-50324 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a memory leak. [<miquel.raynal@bootlin.com>: Reword the commit log] | ||
| CVE-2022-50323 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skb_append_pagefrags() skb_append_pagefrags() is used by af_unix and udp sendpage() implementation so far. In commit 326140063946 ("tcp: TX zerocopy should not sense pfme | ||
| CVE-2022-50321 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() The brcmf_netdev_start_xmit() returns NETDEV_TX_OK without freeing skb in case of pskb_expand_head() fails, add dev_kfree_skb() to fix it. | ||
| CVE-2022-50320 | — | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table which contains invalid physical addresses, with high bits set |
- CVE-2023-53276Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t
- CVE-2023-53275Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access
- CVE-2023-53273Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset
- CVE-2023-53272Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b
- CVE-2023-53270Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len
- CVE-2023-53268Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes
- CVE-2023-53265Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c
- CVE-2023-53263Sep 16, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calling drm_connector_init on it. We need to clean up the drm side first. It might no
- CVE-2022-50334Sep 15, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000
- CVE-2022-50333Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.
- CVE-2022-50331Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name(
- CVE-2022-50330Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect
- CVE-2022-50329Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first
- CVE-2022-50328Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head
- CVE-2022-50327Sep 15, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje
- CVE-2022-50325Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes. Fix by utilizing min_t().
- CVE-2022-50324Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a memory leak. [<miquel.raynal@bootlin.com>: Reword the commit log]
- CVE-2022-50323Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skb_append_pagefrags() skb_append_pagefrags() is used by af_unix and udp sendpage() implementation so far. In commit 326140063946 ("tcp: TX zerocopy should not sense pfme
- CVE-2022-50321Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() The brcmf_netdev_start_xmit() returns NETDEV_TX_OK without freeing skb in case of pskb_expand_head() fails, add dev_kfree_skb() to fix it.
- CVE-2022-50320Sep 15, 2025affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table which contains invalid physical addresses, with high bits set
Page 43 of 231