rpm package
suse/kernel-livepatch-SLE15-SP4_Update_46&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_46&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (178)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53680 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL OPDESC() simply indexes into nfsd4_ops[] by the op's operation number, without range checking that value. It assumes callers are careful to avoid calli | ||
| CVE-2023-53679 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601u_rx_skb_from_seg()'. The variable 'dma_len' in the URB packet could be manipulated, which cou | ||
| CVE-2023-53675 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible desc_ptr out-of-bounds accesses Sanitize possible desc_ptr out-of-bounds accesses in ses_enclosure_data_process(). | ||
| CVE-2023-53674 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on | ||
| CVE-2023-53670 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix dev_pm_qos memleak Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to avoid following kmemleak:- blktests (master) # kmemleak-clear; ./check nvme/044; blktests (master) # kmem | ||
| CVE-2023-53668 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading trace_pipe Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488] [...] RIP: 0010:ring_buffer_empty_cpu | ||
| CVE-2023-53667 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize Currently in cdc_ncm_check_tx_max(), if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets tx_max to dwNtbO | ||
| CVE-2023-53662 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} If the filename casefolding fails, we'll be leaking memory from the fscrypt_name struct, namely from the 'crypto_buf.name' member. Make sure | ||
| CVE-2023-53659 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done would be timeout, then returned with error but changed num_active_queues directly, | ||
| CVE-2023-53658 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the driver will just early exit in probe but still return success. Apart from not do | ||
| CVE-2022-50553 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx' When generate a synthetic event with many params and then create a trace action for it [1], kernel panic happened [2]. It is because that in tr | ||
| CVE-2022-50551 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() This patch fixes a shift-out-of-bounds in brcmfmac that occurs in BIT(chiprev) when a 'chiprev' provided by the device is too large. | ||
| CVE-2022-50549 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata Following concurrent processes: P1(drop cache) P2(kworker) drop_caches_sysctl_handler drop_slab shrink_slab | ||
| CVE-2022-50546 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: ===================================================== BUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/ino | ||
| CVE-2022-50545 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: r6040: Fix kmemleak in probe and remove There is a memory leaks reported by kmemleak: unreferenced object 0xffff888116111000 (size 2048): comm "modprobe", pid 817, jiffies 4294759745 (age 76.502s) he | ||
| CVE-2022-50544 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array for stream_info ->stream_ctx_array with xhci_alloc_stream_ctx(). When some error oc | ||
| CVE-2022-50542 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470x_int_in_callback() syzbot reported use-after-free in si470x_int_in_callback() [1]. This indicates that urb->context, which contains struct si470x_device object, is fr | ||
| CVE-2022-50541 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel bytecount statistics. These registers are 32-bit hardware counters and the driver | ||
| CVE-2022-50537 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() In rpi_firmware_probe(), if mbox_request_channel() fails, the 'fw' will not be freed through rpi_firmware_delete(), fix this leak by calli | ||
| CVE-2022-50535 | — | < 1-150400.9.5.1 | 1-150400.9.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null-deref in dm_resume [Why] Fixing smatch error: dm_resume() error: we previously assumed 'aconnector->dc_link' could be null [How] Check if dc_link null at the beginning of th |
- CVE-2023-53680Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL OPDESC() simply indexes into nfsd4_ops[] by the op's operation number, without range checking that value. It assumes callers are careful to avoid calli
- CVE-2023-53679Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601u_rx_skb_from_seg()'. The variable 'dma_len' in the URB packet could be manipulated, which cou
- CVE-2023-53675Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible desc_ptr out-of-bounds accesses Sanitize possible desc_ptr out-of-bounds accesses in ses_enclosure_data_process().
- CVE-2023-53674Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on
- CVE-2023-53670Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix dev_pm_qos memleak Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to avoid following kmemleak:- blktests (master) # kmemleak-clear; ./check nvme/044; blktests (master) # kmem
- CVE-2023-53668Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading trace_pipe Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488] [...] RIP: 0010:ring_buffer_empty_cpu
- CVE-2023-53667Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize Currently in cdc_ncm_check_tx_max(), if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets tx_max to dwNtbO
- CVE-2023-53662Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} If the filename casefolding fails, we'll be leaking memory from the fscrypt_name struct, namely from the 'crypto_buf.name' member. Make sure
- CVE-2023-53659Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done would be timeout, then returned with error but changed num_active_queues directly,
- CVE-2023-53658Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the driver will just early exit in probe but still return success. Apart from not do
- CVE-2022-50553Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx' When generate a synthetic event with many params and then create a trace action for it [1], kernel panic happened [2]. It is because that in tr
- CVE-2022-50551Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() This patch fixes a shift-out-of-bounds in brcmfmac that occurs in BIT(chiprev) when a 'chiprev' provided by the device is too large.
- CVE-2022-50549Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata Following concurrent processes: P1(drop cache) P2(kworker) drop_caches_sysctl_handler drop_slab shrink_slab
- CVE-2022-50546Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: ===================================================== BUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/ino
- CVE-2022-50545Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: r6040: Fix kmemleak in probe and remove There is a memory leaks reported by kmemleak: unreferenced object 0xffff888116111000 (size 2048): comm "modprobe", pid 817, jiffies 4294759745 (age 76.502s) he
- CVE-2022-50544Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array for stream_info ->stream_ctx_array with xhci_alloc_stream_ctx(). When some error oc
- CVE-2022-50542Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470x_int_in_callback() syzbot reported use-after-free in si470x_int_in_callback() [1]. This indicates that urb->context, which contains struct si470x_device object, is fr
- CVE-2022-50541Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel bytecount statistics. These registers are 32-bit hardware counters and the driver
- CVE-2022-50537Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() In rpi_firmware_probe(), if mbox_request_channel() fails, the 'fw' will not be freed through rpi_firmware_delete(), fix this leak by calli
- CVE-2022-50535Oct 7, 2025affected < 1-150400.9.5.1fixed 1-150400.9.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null-deref in dm_resume [Why] Fixing smatch error: dm_resume() error: we previously assumed 'aconnector->dc_link' could be null [How] Check if dc_link null at the beginning of th
Page 4 of 9