suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4

Vulnerabilities (2,843)

• CVE-2023-53288Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm]

• CVE-2023-53286Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W

• CVE-2023-53282Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: us

• CVE-2023-53281Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()") besides fixing the deadlock also modifi

• CVE-2023-53280Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3

• CVE-2023-53277Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference.

• CVE-2023-53276Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t

• CVE-2023-53275Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access

• CVE-2023-53273Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset

• CVE-2023-53272Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b

• CVE-2023-53270Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len

• CVE-2023-53268Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes

• CVE-2023-53265Sep 16, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c

• CVE-2022-50334Sep 15, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000

• CVE-2022-50333Sep 15, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.

• CVE-2022-50331Sep 15, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name(

• CVE-2022-50330Sep 15, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect

• CVE-2022-50329Sep 15, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first

• CVE-2022-50328Sep 15, 2025
  affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

  In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head

• CVE-2022-50327Sep 15, 2025
  affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

  In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje