rpm package
suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (383)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50661 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects i | ||
| CVE-2022-50660 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipw_wdev_init() In the error path of ipw_wdev_init(), exception value is returned, and the memory applied for in the function is not released. Also the memory is not released i | ||
| CVE-2022-50658 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the e | ||
| CVE-2023-53819 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va This is motivated by OOB access in amdgpu_vm_update_range when offset_in_bo+map_size overflows. v2: keep the validations in amdgpu_vm_bo_map v3: add the valid | ||
| CVE-2023-53818 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: zynq: Fix refcount leak in zynq_early_slcr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on error path. Add missing of_node_put() to avoid ref | ||
| CVE-2023-53814 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) # cat /sys/kernel/debug/kmemleak unreferenced objec | ||
| CVE-2023-53811 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to num_online_cpus() + 1 and the kernel warning stack below is shown if that number is exceeded. The | ||
| CVE-2023-53808 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix memory leak in mwifiex_histogram_read() Always free the zeroed page on return from 'mwifiex_histogram_read()'. | ||
| CVE-2023-53804 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). However, | ||
| CVE-2023-53803 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task syste | ||
| CVE-2023-53802 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. Ho | ||
| CVE-2023-53794 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in s | ||
| CVE-2023-53792 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error. | ||
| CVE-2023-53788 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A). static int tuning_ctl_set(...) { for (i = 0; i < T | ||
| CVE-2023-53786 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 `blockdev --getsize /dev/ram0` flakey /dev/ram0 0 0 1 2 corrupt_bio_by | ||
| CVE-2023-53783 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PR | ||
| CVE-2023-53781 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(). With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcp_write_timer_handler() by kernel TCP sockets. [0] If SMC creates a kernel so | ||
| CVE-2022-50656 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read that occurs in nla_put() called from nfc_genl_send_target() when target->sensb_res_len, which is duplicated from an nfc_target in pn5 | ||
| CVE-2022-50653 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I | ||
| CVE-2022-50652 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: uio: uio_dmem_genirq: Fix missing unlock in irq configuration Commit b74351287d4b ("uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()") started calling disable_irq() without holding the spi |
- CVE-2022-50661Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects i
- CVE-2022-50660Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipw_wdev_init() In the error path of ipw_wdev_init(), exception value is returned, and the memory applied for in the function is not released. Also the memory is not released i
- CVE-2022-50658Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the e
- CVE-2023-53819Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va This is motivated by OOB access in amdgpu_vm_update_range when offset_in_bo+map_size overflows. v2: keep the validations in amdgpu_vm_bo_map v3: add the valid
- CVE-2023-53818Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ARM: zynq: Fix refcount leak in zynq_early_slcr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on error path. Add missing of_node_put() to avoid ref
- CVE-2023-53814Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) # cat /sys/kernel/debug/kmemleak unreferenced objec
- CVE-2023-53811Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to num_online_cpus() + 1 and the kernel warning stack below is shown if that number is exceeded. The
- CVE-2023-53808Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix memory leak in mwifiex_histogram_read() Always free the zeroed page on return from 'mwifiex_histogram_read()'.
- CVE-2023-53804Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). However,
- CVE-2023-53803Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task syste
- CVE-2023-53802Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. Ho
- CVE-2023-53794Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in s
- CVE-2023-53792Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error.
- CVE-2023-53788Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A). static int tuning_ctl_set(...) { for (i = 0; i < T
- CVE-2023-53786Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: dm flakey: fix a crash with invalid table line This command will crash with NULL pointer dereference: dmsetup create flakey --table \ "0 `blockdev --getsize /dev/ram0` flakey /dev/ram0 0 0 1 2 corrupt_bio_by
- CVE-2023-53783Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PR
- CVE-2023-53781Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(). With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcp_write_timer_handler() by kernel TCP sockets. [0] If SMC creates a kernel so
- CVE-2022-50656Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read that occurs in nla_put() called from nfc_genl_send_target() when target->sensb_res_len, which is duplicated from an nfc_target in pn5
- CVE-2022-50653Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I
- CVE-2022-50652Dec 9, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: uio: uio_dmem_genirq: Fix missing unlock in irq configuration Commit b74351287d4b ("uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()") started calling disable_irq() without holding the spi
Page 15 of 20