suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4

Vulnerabilities (2,843)

• CVE-2023-53722Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows

• CVE-2023-53719Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_p

• CVE-2023-53718Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in

• CVE-2023-53717Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm

• CVE-2023-53715Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin

• CVE-2023-53711Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it sy

• CVE-2023-53709Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rb_move_tail and rb_check_pages It seems a data race between ring_buffer writing and integrity check. That is, RB_FLAG of head_page is been updating, while at same time RB_FLAG

• CVE-2023-53708Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explic

• CVE-2023-53705Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri

• CVE-2023-53704Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() Replace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc() which can automatically release the related memory when the device

• CVE-2023-53700Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register() There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) un

• CVE-2023-53696Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age

• CVE-2023-53695Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the f

• CVE-2023-53693Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigg

• CVE-2023-53692Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-00

• CVE-2022-50582Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining underflows and does not exit the loop as expected. As delay could be derived from DT

• CVE-2022-50581Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c:

• CVE-2022-50580Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u

• CVE-2022-50579Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: fix module PLTs with mcount Li Huafei reports that mcount-based ftrace with module PLTs was broken by commit: a6253579977e4c6f ("arm64: ftrace: consistently handle PLTs.") When a module PLTs

• CVE-2022-50578Oct 22, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in __class_register() If class_add_groups() returns error, the 'cp->subsys' need be unregister, and the 'cp' need be freed. We can not call kset_unregister() here, because the '