rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Vulnerabilities (2,843)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53311 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). Previous | ||
| CVE-2023-53309 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uni | ||
| CVE-2023-53307 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue in rbd_dev_create() fails, use-after-free on rbd_dev->rbd_client, rbd_dev->spec and rbd_dev->opt | ||
| CVE-2023-53305 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2cap_le_command_rej. | ||
| CVE-2023-53304 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes | ||
| CVE-2022-50351 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked. | ||
| CVE-2022-50349 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() If device_register() returns error in tifm_7xx1_switch_media(), name of kobject which is allocated in dev_set_name() called in device_add() is le | ||
| CVE-2022-50348 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdup_user() call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise it leaks. | ||
| CVE-2022-50347 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kern | ||
| CVE-2022-50346 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4_rename' Syzbot found the following issue: ext4_parse_param: s_want_extra_isize=128 ext4_inode_info_init: s_want_extra_isize=32 ext4_rename: old.inode=ffff88823869a2c8 o | ||
| CVE-2022-50344 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [0x0000000000000068-0x0000 | ||
| CVE-2022-50342 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "modprobe", pid 727, jiffies | ||
| CVE-2022-50340 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_devic | ||
| CVE-2025-39824 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the HID_CONNECT_DEFAULT connect ma | |
| CVE-2025-39823 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these values to mitigate speculative ex | |
| CVE-2023-53302 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethread_workqueue() in order to avoid NULL pointer dereference. | ||
| CVE-2023-53299 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write() returns wit | ||
| CVE-2023-53298 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfc_genl_se_io and supposed to be eventually free | ||
| CVE-2023-53297 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered. | ||
| CVE-2023-53295 | — | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update |
- CVE-2023-53311Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). Previous
- CVE-2023-53309Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uni
- CVE-2023-53307Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue in rbd_dev_create() fails, use-after-free on rbd_dev->rbd_client, rbd_dev->spec and rbd_dev->opt
- CVE-2023-53305Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2cap_le_command_rej.
- CVE-2023-53304Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes
- CVE-2022-50351Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked.
- CVE-2022-50349Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() If device_register() returns error in tifm_7xx1_switch_media(), name of kobject which is allocated in dev_set_name() called in device_add() is le
- CVE-2022-50348Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdup_user() call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise it leaks.
- CVE-2022-50347Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kern
- CVE-2022-50346Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4_rename' Syzbot found the following issue: ext4_parse_param: s_want_extra_isize=128 ext4_inode_info_init: s_want_extra_isize=32 ext4_rename: old.inode=ffff88823869a2c8 o
- CVE-2022-50344Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [0x0000000000000068-0x0000
- CVE-2022-50342Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "modprobe", pid 727, jiffies
- CVE-2022-50340Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_devic
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the HID_CONNECT_DEFAULT connect ma
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these values to mitigate speculative ex
- CVE-2023-53302Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethread_workqueue() in order to avoid NULL pointer dereference.
- CVE-2023-53299Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write() returns wit
- CVE-2023-53298Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfc_genl_se_io and supposed to be eventually free
- CVE-2023-53297Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered.
- CVE-2023-53295Sep 16, 2025affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update
Page 36 of 143