VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP7

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7

Vulnerabilities (2,262)

  • CVE-2023-53999Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act table. It's possible to trigger memleak when the rule forwards packets from internal

  • CVE-2023-53998Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on data_avail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation,

  • CVE-2023-53997Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone parameters structure"), thermal_zone_device_register() allocates a copy of the tzp argum

  • CVE-2023-53996Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make enc_dec_hypercall() accept a size instead of npages enc_dec_hypercall() accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused p

  • CVE-2023-53995Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0

  • CVE-2023-53994Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: ionic: remove WARN_ON to prevent panic_on_warn Remove unnecessary early code development check and the WARN_ON that it uses. The irq alloc and free paths have long been cleaned up and this check shouldn't have

  • CVE-2023-53992Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check.

  • CVE-2023-53989Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check Both create_mapping_noalloc() and update_mapping_prot() sanity-check their 'virt' parameter, but the check itself doesn't make much sense. The condition used today appears t

  • CVE-2025-68725Dec 24, 2025
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skb_warn_bad_offload() from netif_skb_features() -> gso_features_check(). When

  • CVE-2025-68365Dec 24, 2025
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfs_read_hdr (3) - KMSAN: uninit-value in bcmp (3) Memory is allocated by __ge

  • CVE-2025-68351Dec 24, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix refcount leak in exfat_find Fix refcount leaks in `exfat_find` related to `exfat_get_dentry_set`. Function `exfat_get_dentry_set` would increase the reference counter of `es->bh` on success. Therefo

  • CVE-2025-68339Dec 23, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_open() Protect access to fore200e->available_cell_rate with rate_mtx lock in the error handling path of fore200e_open() to prevent a data race. The field fore20

  • CVE-2025-68340Dec 23, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of team_port_add Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device header_ops. In the case of the s

  • CVE-2025-68337Dec 22, 2025
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted There's issue when file system corrupted: ------------[ cut here ]------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: i

  • CVE-2025-68335Dec 22, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() Syzbot identified an issue [1] in pcl818_ai_cancel(), which stems from the fact that in case of early device detach via pcl818_detach(), subdevice dev->r

  • CVE-2025-68332Dec 22, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistration The Comedi low-level driver "c6xdigio" seems to be for a parallel port connected device. When the Comedi core calls the driver's Comedi "attach" handler

  • CVE-2025-68331Dec 22, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cau

  • CVE-2025-68330Dec 22, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fix irq assumption regression The code in bmc150-accel-core.c unconditionally calls bmc150_accel_set_interrupt() in the iio_buffer_setup_ops, such as on the runtime PM resume path giving a k

  • CVE-2025-68328Dec 22, 2025
    affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platform_set_drvdata and dev_set_drvdata. They both are of the same data and overrides each other. This resulted in the rmmo

  • CVE-2025-68327Dec 22, 2025
    affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1

    In the Linux kernel, the following vulnerability has been resolved: usb: renesas_usbhs: Fix synchronous external abort on unbind A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: modprobe usb_f

Page 22 of 114