rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Vulnerabilities (2,843)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53288 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm] | |
| CVE-2023-53286 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W | |
| CVE-2023-53282 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: us | |
| CVE-2023-53281 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()") besides fixing the deadlock also modifi | |
| CVE-2023-53280 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3 | |
| CVE-2023-53277 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference. | |
| CVE-2023-53276 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t | |
| CVE-2023-53275 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access | |
| CVE-2023-53273 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset | |
| CVE-2023-53272 | Hig | 7.1 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b | |
| CVE-2023-53270 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len | |
| CVE-2023-53268 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes | |
| CVE-2023-53265 | Hig | 7.1 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c | |
| CVE-2023-53259 | Hig | 7.1 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF The call to get_user_pages_fast() in vmci_host_setup_notify() can return NULL context->notify_page causing a GPF. To avoid GPF c | |
| CVE-2023-53255 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() svc_create_memory_pool() is only called from stratix10_svc_drv_probe(). Most of resources in the probe are managed, but not thi | |
| CVE-2023-53254 | Hig | 7.1 | < 5.14.21-150400.24.194.1 | 5.14.21-150400.24.194.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels The cacheinfo sets up the shared_cpu_map by checking whether the caches with the same index are shared between CPUs. However, this will | |
| CVE-2023-53251 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() rxq can be NULL only when trans_pcie->rxq is NULL and entry->entry is zero. For the case when entry->entry is not equal to 0, | |
| CVE-2023-53250 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 1373 Comm: modprob | |
| CVE-2023-53249 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc() wil | |
| CVE-2023-53246 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL When compiled with CONFIG_CIFS_DFS_UPCALL disabled, cifs_dfs_d_automount is NULL. cifs.ko logic for mapping CIFS_FATTR_DFS_REFERRAL attributes to S_AU |
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm]
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: us
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()") besides fixing the deadlock also modifi
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference.
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF The call to get_user_pages_fast() in vmci_host_setup_notify() can return NULL context->notify_page causing a GPF. To avoid GPF c
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() svc_create_memory_pool() is only called from stratix10_svc_drv_probe(). Most of resources in the probe are managed, but not thi
- affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1
In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix shared_cpu_map to handle shared caches at different levels The cacheinfo sets up the shared_cpu_map by checking whether the caches with the same index are shared between CPUs. However, this will
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() rxq can be NULL only when trans_pcie->rxq is NULL and entry->entry is zero. For the case when entry->entry is not equal to 0,
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 1373 Comm: modprob
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc() wil
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL When compiled with CONFIG_CIFS_DFS_UPCALL disabled, cifs_dfs_d_automount is NULL. cifs.ko logic for mapping CIFS_FATTR_DFS_REFERRAL attributes to S_AU
Page 37 of 143