VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP5-LTSS

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS

Vulnerabilities (2,310)

  • CVE-2023-54120Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to use-after-free. For instance, the timer is active while hidp_del_timer is called

  • CVE-2023-54119Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 an

  • CVE-2023-54118Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the G

  • CVE-2023-54116Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibit potential out-of-bounds access The fbdev test of IGT may write after EOF, which lead to out-of-bound access for drm drivers with fbdev-generic. For example, run fbdev test on a x86+a

  • CVE-2023-54115Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing

  • CVE-2023-54114Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong skb->mac_header in nsh_gso_segment(): invalid opcode: 0000 [#1] PREEMPT SMP KASAN

  • CVE-2023-54111Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups of_find_node_by_phandle() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add m

  • CVE-2023-54110Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: usb: rndis_host: Secure rndis_query check against int overflow Variables off and len typed as uint32 in rndis_query function are controlled by incoming RNDIS response message thus their value may be manipulated

  • CVE-2023-54108Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error [device addres

  • CVE-2023-54107Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: dropping parent refcount after pd_free_fn() is done Some cgroup policies will access parent pd through child pd even after pd_offline_fn() is done. If pd_free_fn() for parent is called before child,

  • CVE-2023-54106Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th

  • CVE-2023-54104Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS el

  • CVE-2023-54102Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copy_from_user() for a debugfs entry. Currently, it is possib

  • CVE-2023-54100Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work with qedi_recovery_handler() and &qedi->board_disable_work with qedi_board_disab

  • CVE-2023-54098Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is still available or not, otherwise in case like device remove through unbinding, drm

  • CVE-2023-54097Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix of_iomap leak Smatch reports: drivers/regulator/stm32-pwr.c:166 stm32_pwr_regulator_probe() warn: 'base' from of_iomap() not released on lines: 151,166. In stm32_pwr_regulator_probe()

  • CVE-2023-54096Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, res

  • CVE-2023-54095Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this ca

  • CVE-2023-54092Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should als

  • CVE-2023-54091Dec 24, 2025
    affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

    In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected

Page 10 of 116