rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6
Vulnerabilities (421)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68347 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write more bytes to the user buffer than requested, when a user provides a buffer smaller | ||
| CVE-2025-68346 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detect_stream_formats() The function detect_stream_formats() reads the stream_count value directly from a FireWire device without validating it. This can lead to out-of-bounds | ||
| CVE-2025-68345 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() The acpi_get_first_physical_node() function can return NULL, in which case the get_device() function also returns NULL, but this value | ||
| CVE-2023-54042 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached. | ||
| CVE-2023-54038 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link hci_connect_sco currently returns NULL when there is no link (i.e. when hci_conn_link() returns NULL). sco_connect() expects an ERR_PTR | ||
| CVE-2023-54037 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and | ||
| CVE-2023-54035 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix underflow in chain reference counter Set element addition error path decrements reference counter on chains twice: once on element release and again via nft_data_release(). Then, d6b4 | ||
| CVE-2023-54032 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting quota root from the dirty cow roots list When disabling quotas we are deleting the quota root from the list fs_info->dirty_cowonly_roots without taking the lock that protects it, w | ||
| CVE-2023-54031 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described pro | ||
| CVE-2023-54030 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: io_uring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task. | ||
| CVE-2023-54027 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent Commit 813665564b3d ("iio: core: Convert to use firmware node handle instead of OF node") switched the kind of nodes to use for label retrieval i | ||
| CVE-2023-54026 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() returns -EPROBE_DEFER, the opp_table is freed again, to wait until all the interconne | ||
| CVE-2023-54025 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled In case WoWlan was never configured during the operation of the system, the hw->wiphy->wowlan_config will be NULL. rsi_config_wowlan() checks w | ||
| CVE-2023-54023 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 ------- | ||
| CVE-2023-54022 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at alloc_midi_urbs() that is called at MIDI 2.0 / UMP device are supposed to be handled at the cal | ||
| CVE-2023-54019 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues when a cgroup is removed from under a polling process. This is happening because c | ||
| CVE-2023-54017 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebus_bus_init() If device_register() returns error in ibmebus_bus_init(), name of kobject which is allocated in dev_set_name() called in device_add() is leaked. | ||
| CVE-2023-54016 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc_desc_init() is called we allocate memory to rx_descs and tx_descs. In ath12k_dp_cc_cleanup(), during descriptor cleanup rx_descs | ||
| CVE-2023-54014 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced. | ||
| CVE-2023-54008 | — | < 6.4.0-150600.23.84.1 | 6.4.0-150600.23.84.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask via create_affinity_masks() unconditionally which may lead several issues: - the affinity mask is not used for parent without affin |
- CVE-2025-68347Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write more bytes to the user buffer than requested, when a user provides a buffer smaller
- CVE-2025-68346Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detect_stream_formats() The function detect_stream_formats() reads the stream_count value directly from a FireWire device without validating it. This can lead to out-of-bounds
- CVE-2025-68345Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() The acpi_get_first_physical_node() function can return NULL, in which case the get_device() function also returns NULL, but this value
- CVE-2023-54042Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached.
- CVE-2023-54038Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link hci_connect_sco currently returns NULL when there is no link (i.e. when hci_conn_link() returns NULL). sco_connect() expects an ERR_PTR
- CVE-2023-54037Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and
- CVE-2023-54035Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix underflow in chain reference counter Set element addition error path decrements reference counter on chains twice: once on element release and again via nft_data_release(). Then, d6b4
- CVE-2023-54032Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting quota root from the dirty cow roots list When disabling quotas we are deleting the quota root from the list fs_info->dirty_cowonly_roots without taking the lock that protects it, w
- CVE-2023-54031Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described pro
- CVE-2023-54030Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task.
- CVE-2023-54027Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent Commit 813665564b3d ("iio: core: Convert to use firmware node handle instead of OF node") switched the kind of nodes to use for label retrieval i
- CVE-2023-54026Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() returns -EPROBE_DEFER, the opp_table is freed again, to wait until all the interconne
- CVE-2023-54025Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled In case WoWlan was never configured during the operation of the system, the hw->wiphy->wowlan_config will be NULL. rsi_config_wowlan() checks w
- CVE-2023-54023Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 -------
- CVE-2023-54022Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at alloc_midi_urbs() that is called at MIDI 2.0 / UMP device are supposed to be handled at the cal
- CVE-2023-54019Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues when a cgroup is removed from under a polling process. This is happening because c
- CVE-2023-54017Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebus_bus_init() If device_register() returns error in ibmebus_bus_init(), name of kobject which is allocated in dev_set_name() called in device_add() is leaked.
- CVE-2023-54016Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc_desc_init() is called we allocate memory to rx_descs and tx_descs. In ath12k_dp_cc_cleanup(), during descriptor cleanup rx_descs
- CVE-2023-54014Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced.
- CVE-2023-54008Dec 24, 2025affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1
In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask via create_affinity_masks() unconditionally which may lead several issues: - the affinity mask is not used for parent without affin
Page 11 of 22