rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53009 | — | < 5.14.21-150500.55.103.1.150500.6.49.1 | 5.14.21-150500.55.103.1.150500.6.49.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the in | ||
| CVE-2023-53008 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting. | ||
| CVE-2023-53007 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Make sure trace_printk() can output as soon as it can be used Currently trace_printk() can be used as soon as early_trace_init() is called from start_kernel(). But if a crash happens, and "ftrace_dump_ | ||
| CVE-2023-53006 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server->smbd_conn in reconnect In smbd_destroy(), clear the server->smbd_conn pointer after freeing the smbd_connection struct that it points to so that reconnection doesn't get | ||
| CVE-2023-53005 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: trace_events_hist: add check for return value of 'create_hist_field' Function 'create_hist_field' is called recursively at trace_events_hist.c:1954 and can return NULL-value that's why we have to check it to av | ||
| CVE-2023-53002 | — | < 5.14.21-150500.55.103.1.150500.6.49.1 | 5.14.21-150500.55.103.1.150500.6.49.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix a memory leak with reused mmap_offset drm_vma_node_allow() and drm_vma_node_revoke() should be called in balanced pairs. We call drm_vma_node_allow() once per-file everytime a user calls mmap_offs | ||
| CVE-2023-53000 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype) | ||
| CVE-2023-52994 | — | < 5.14.21-150500.55.103.1.150500.6.49.1 | 5.14.21-150500.55.103.1.150500.6.49.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 ("x86/boot: Skip realmode init code when running as Xen PV guest") missed one code path accessing real_mode_header, leading to dereferencing NULL when suspendin | ||
| CVE-2023-52993 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in th | ||
| CVE-2023-52992 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see [1] for more details | ||
| CVE-2023-52989 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsyst | ||
| CVE-2023-52988 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() snd_hda_get_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux | ||
| CVE-2023-52986 | — | < 5.14.21-150500.55.103.1.150500.6.49.1 | 5.14.21-150500.55.103.1.150500.6.49.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener A listening socket linked to a sockmap has its sk_prot overridden. It points to one of the struct proto variants in tcp_bpf_prots. The varian | ||
| CVE-2023-52984 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe() function is only used for the DP83822 PHY, leaving the private data pointer uninitialized for the smaller DP83825/26 models. Whi | ||
| CVE-2023-52983 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq() After commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq(), however, in some context bic->bfqq will b | ||
| CVE-2023-52982 | — | < 5.14.21-150500.55.103.1.150500.6.49.1 | 5.14.21-150500.55.103.1.150500.6.49.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: fscache: Use wait_on_bit() to wait for the freeing of relinquished volume The freeing of relinquished volume will wake up the pending volume acquisition by using wake_up_bit(), however it is mismatched with wai | ||
| CVE-2023-52981 | — | < 5.14.21-150500.55.103.1.150500.6.49.1 | 5.14.21-150500.55.103.1.150500.6.49.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based sea | ||
| CVE-2023-52976 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a result of memremap is dereferenced without checking it for NULL. This patch adds a check that falls back on alloca | ||
| CVE-2023-52974 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress If during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails, userspace could be accessing the host's ipaddress attr. If we th | ||
| CVE-2023-52973 | — | < 5.14.21-150500.55.100.1.150500.6.47.1 | 5.14.21-150500.55.100.1.150500.6.47.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF After a call to console_unlock() in vcs_read() the vc_data struct can be freed by vc_deallocate(). Because of that, the struct vc_data p |
- CVE-2023-53009Mar 27, 2025affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the in
- CVE-2023-53008Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting.
- CVE-2023-53007Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Make sure trace_printk() can output as soon as it can be used Currently trace_printk() can be used as soon as early_trace_init() is called from start_kernel(). But if a crash happens, and "ftrace_dump_
- CVE-2023-53006Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server->smbd_conn in reconnect In smbd_destroy(), clear the server->smbd_conn pointer after freeing the smbd_connection struct that it points to so that reconnection doesn't get
- CVE-2023-53005Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: trace_events_hist: add check for return value of 'create_hist_field' Function 'create_hist_field' is called recursively at trace_events_hist.c:1954 and can return NULL-value that's why we have to check it to av
- CVE-2023-53002Mar 27, 2025affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix a memory leak with reused mmap_offset drm_vma_node_allow() and drm_vma_node_revoke() should be called in balanced pairs. We call drm_vma_node_allow() once per-file everytime a user calls mmap_offs
- CVE-2023-53000Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype)
- CVE-2023-52994Mar 27, 2025affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1
In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 ("x86/boot: Skip realmode init code when running as Xen PV guest") missed one code path accessing real_mode_header, leading to dereferencing NULL when suspendin
- CVE-2023-52993Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in th
- CVE-2023-52992Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see [1] for more details
- CVE-2023-52989Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsyst
- CVE-2023-52988Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() snd_hda_get_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux
- CVE-2023-52986Mar 27, 2025affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener A listening socket linked to a sockmap has its sk_prot overridden. It points to one of the struct proto variants in tcp_bpf_prots. The varian
- CVE-2023-52984Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe() function is only used for the DP83822 PHY, leaving the private data pointer uninitialized for the smaller DP83825/26 models. Whi
- CVE-2023-52983Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq() After commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq(), however, in some context bic->bfqq will b
- CVE-2023-52982Mar 27, 2025affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1
In the Linux kernel, the following vulnerability has been resolved: fscache: Use wait_on_bit() to wait for the freeing of relinquished volume The freeing of relinquished volume will wake up the pending volume acquisition by using wake_up_bit(), however it is mismatched with wai
- CVE-2023-52981Mar 27, 2025affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based sea
- CVE-2023-52976Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a result of memremap is dereferenced without checking it for NULL. This patch adds a check that falls back on alloca
- CVE-2023-52974Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress If during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails, userspace could be accessing the host's ipaddress attr. If we th
- CVE-2023-52973Mar 27, 2025affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1
In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF After a call to console_unlock() in vcs_read() the vc_data struct can be freed by vc_deallocate(). Because of that, the struct vc_data p
Page 74 of 116