rpm package
suse/kernel-livepatch-SLE15-SP4_Update_45&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_45&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (345)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53386 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 ("Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk"). We can not access k after kfree_rcu() call. | ||
| CVE-2023-53384 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiex_handle_uap_rx_forward()', always check the value returned by 'skb_copy()' to avoid potential NULL pointer dereference in 'mwifiex_uap_queue | ||
| CVE-2023-53381 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: fix leaked reference count of nfsd4_ssc_umount_item The reference count of nfsd4_ssc_umount_item is not decremented on error conditions. This prevents the laundromat from unmounting the vfsmount of the so | ||
| CVE-2023-53380 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if n | ||
| CVE-2023-53379 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe() warn: missing unwind goto? After geting irq, if ret < 0, it will return without error ha | ||
| CVE-2023-53377 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2_compound_op we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN | ||
| CVE-2023-53375 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: # cd | ||
| CVE-2023-53373 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller | ||
| CVE-2022-50399 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in sh_css_set_black_frame() The "height" and "width" values come from the user so the "height * width" multiplication can overflow. | ||
| CVE-2022-50395 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrity_init_keyring(). However, if keyring allocation failed, it is not freed, causing memory leaks. | ||
| CVE-2022-50394 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not check the data from the user, the variable 'data->block[0]' may be very large to cause an out-of-bounds bug. The following log can | ||
| CVE-2022-50392 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() The node returned by of_parse_phandle() with refcount incremented, of_node_put() needs be called when finish using it. So | ||
| CVE-2022-50391 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other than MPOL_BIND or MPOL_PREFERRED_MANY, an error is returned without issuing a mpol_p | ||
| CVE-2022-50389 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is n | ||
| CVE-2022-50388 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blk_kick_flush has NULL bio, and it may be dealt with nvme_end_req during io completion. When blktrace | ||
| CVE-2022-50386 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct | ||
| CVE-2022-50385 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead. | ||
| CVE-2022-50381 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The reason for the crash is this: * super_written calls atomic_dec_and_test(&mddev->pen | ||
| CVE-2022-50379 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfs_quota_enable(), after committing the transaction, we change fs_info->quota_root to point to the quota root we created a | ||
| CVE-2022-50376 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() When insert and remove the orangefs module, there are memory leaked as below: unreferenced object 0xffff88816b0cc000 (size 2048): comm "insmod" |
- CVE-2023-53386Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 ("Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk"). We can not access k after kfree_rcu() call.
- CVE-2023-53384Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiex_handle_uap_rx_forward()', always check the value returned by 'skb_copy()' to avoid potential NULL pointer dereference in 'mwifiex_uap_queue
- CVE-2023-53381Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix leaked reference count of nfsd4_ssc_umount_item The reference count of nfsd4_ssc_umount_item is not decremented on error conditions. This prevents the laundromat from unmounting the vfsmount of the so
- CVE-2023-53380Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if n
- CVE-2023-53379Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe() warn: missing unwind goto? After geting irq, if ret < 0, it will return without error ha
- CVE-2023-53377Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2_compound_op we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN
- CVE-2023-53375Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: # cd
- CVE-2023-53373Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller
- CVE-2022-50399Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in sh_css_set_black_frame() The "height" and "width" values come from the user so the "height * width" multiplication can overflow.
- CVE-2022-50395Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrity_init_keyring(). However, if keyring allocation failed, it is not freed, causing memory leaks.
- CVE-2022-50394Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not check the data from the user, the variable 'data->block[0]' may be very large to cause an out-of-bounds bug. The following log can
- CVE-2022-50392Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() The node returned by of_parse_phandle() with refcount incremented, of_node_put() needs be called when finish using it. So
- CVE-2022-50391Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other than MPOL_BIND or MPOL_PREFERRED_MANY, an error is returned without issuing a mpol_p
- CVE-2022-50389Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is n
- CVE-2022-50388Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blk_kick_flush has NULL bio, and it may be dealt with nvme_end_req during io completion. When blktrace
- CVE-2022-50386Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct
- CVE-2022-50385Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead.
- CVE-2022-50381Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The reason for the crash is this: * super_written calls atomic_dec_and_test(&mddev->pen
- CVE-2022-50379Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfs_quota_enable(), after committing the transaction, we change fs_info->quota_root to point to the quota root we created a
- CVE-2022-50376Sep 18, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() When insert and remove the orangefs module, there are memory leaked as below: unreferenced object 0xffff88816b0cc000 (size 2048): comm "insmod"
Page 7 of 18