rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6
Vulnerabilities (421)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53865 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix warning when putting transaction with qgroups enabled after abort If we have a transaction abort with qgroups enabled we get a warning triggered when doing the final put on the transaction, like this | ||
| CVE-2023-53864 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() When disabling overlay plane in mxsfb_plane_overlay_atomic_update(), overlay plane's framebuffer pointer is NULL. So, dereferencing it w | ||
| CVE-2023-53863 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of a device where dev->addr | ||
| CVE-2023-53861 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check. | ||
| CVE-2023-53860 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked REQ_NOWAIT, it's fine to attempt to submit that IO whi | ||
| CVE-2023-53858 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. | ||
| CVE-2023-53857 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.137569] ============================= [ 27.138122] [ BUG: Invalid wait context ] [ | ||
| CVE-2023-53856 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call of_changeset_init() early When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state | ||
| CVE-2023-53855 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2 | ||
| CVE-2023-53852 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "chec | ||
| CVE-2023-53851 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But | ||
| CVE-2023-53850 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_ | ||
| CVE-2023-53848 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&lo | ||
| CVE-2023-53847 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_tran | ||
| CVE-2023-53846 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at a | ||
| CVE-2023-53844 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. Fix. | ||
| CVE-2023-53843 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let syzbot surface a latent p | ||
| CVE-2023-53842 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is | ||
| CVE-2023-53841 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: devlink: report devlink_port_type_warn source device devlink_port_type_warn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device ( | ||
| CVE-2023-53839 | — | < 6.4.0-150600.23.84.1.150600.12.38.1 | 6.4.0-150600.23.84.1.150600.12.38.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp->dccps_mss_cache dccp_sendmsg() reads dp->dccps_mss_cache before locking the socket. Same thing in do_dccp_getsockopt(). Add READ_ONCE()/WRITE_ONCE() annotations, and change dccp_ |
- CVE-2023-53865Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix warning when putting transaction with qgroups enabled after abort If we have a transaction abort with qgroups enabled we get a warning triggered when doing the final put on the transaction, like this
- CVE-2023-53864Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() When disabling overlay plane in mxsfb_plane_overlay_atomic_update(), overlay plane's framebuffer pointer is NULL. So, dereferencing it w
- CVE-2023-53863Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of a device where dev->addr
- CVE-2023-53861Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check.
- CVE-2023-53860Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked REQ_NOWAIT, it's fine to attempt to submit that IO whi
- CVE-2023-53858Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed.
- CVE-2023-53857Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.137569] ============================= [ 27.138122] [ BUG: Invalid wait context ] [
- CVE-2023-53856Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call of_changeset_init() early When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state
- CVE-2023-53855Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2
- CVE-2023-53852Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "chec
- CVE-2023-53851Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But
- CVE-2023-53850Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_
- CVE-2023-53848Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&lo
- CVE-2023-53847Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_tran
- CVE-2023-53846Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at a
- CVE-2023-53844Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. Fix.
- CVE-2023-53843Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let syzbot surface a latent p
- CVE-2023-53842Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is
- CVE-2023-53841Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: devlink: report devlink_port_type_warn source device devlink_port_type_warn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device (
- CVE-2023-53839Dec 9, 2025affected < 6.4.0-150600.23.84.1.150600.12.38.1fixed 6.4.0-150600.23.84.1.150600.12.38.1
In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp->dccps_mss_cache dccp_sendmsg() reads dp->dccps_mss_cache before locking the socket. Same thing in do_dccp_getsockopt(). Add READ_ONCE()/WRITE_ONCE() annotations, and change dccp_
Page 15 of 22