suse/kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

Vulnerabilities (2,318)

• CVE-2023-53476Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep

• CVE-2023-53475Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: [ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/

• CVE-2023-53474Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bank_map Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64"). However, the bank_map which contains a bitfi

• CVE-2023-53473Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, cas

• CVE-2023-53472Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm

• CVE-2023-53471Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert. So in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_erro

• CVE-2023-53468Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297

• CVE-2023-53466Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firmware_state fails.

• CVE-2023-53465Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to

• CVE-2023-53464Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-

• CVE-2023-53463Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stats on NON_FATAL err All ibmvnic resets, make a call to netdev_tx_reset_queue() when re-opening the device. netdev_tx_reset_queue() resets the num_queued and num_completed byte count

• CVE-2023-53458Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish() When the driver calls cx23885_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulting in a

• CVE-2023-53457Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fix null-ptr-deref Read in txBegin Syzkaller reported an issue where txBegin may be called on a superblock in a read-only mounted filesystem which leads to NULL pointer deref. This could be solved b

• CVE-2023-53456Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry() - qla4xxx_iface_set_param() - qla4xxx_sysfs_ddb_set_param() and each of

• CVE-2023-53454Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le

• CVE-2023-53453Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: drm/radeon: free iio for atombios when driver shutdown Fix below kmemleak when unload radeon driver: unreferenced object 0xffff9f8608ede200 (size 512): comm "systemd-udevd", pid 326, jiffies 4294682822 (age

• CVE-2023-53452Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napi_init and napi_enable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that w

• CVE-2023-53451Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer.

• CVE-2023-53449Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init() `dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it also needs to be freed before the error returns, just like the other cases in this functio

• CVE-2023-53448Oct 1, 2025
  affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

  In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, which could avoid resource leak or other unexpected i