rpm package
suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (383)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54072 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper l | ||
| CVE-2023-54064 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function ca | ||
| CVE-2023-54058 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Check if ffa_driver remove is present before executing Currently ffa_drv->remove() is called unconditionally from ffa_device_remove(). Since the driver registration doesn't check for it and a | ||
| CVE-2023-54055 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC obj | ||
| CVE-2023-54053 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwl_pci_probe() will fail and free the trans, then afterwards iwl_pci_remove() will be called and crash by trying to access trans w | ||
| CVE-2023-54051 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because thi | ||
| CVE-2023-54050 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a memleak for copied up znode: dirty_cow_znode zn = copy_znode(c, znode); err = insert_old_idx(c, zbr->lnum, zbr->offs); if (u | ||
| CVE-2023-54049 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. | ||
| CVE-2023-54048 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP | ||
| CVE-2023-54046 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller | ||
| CVE-2023-54045 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y && | ||
| CVE-2022-50782 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid | ||
| CVE-2022-50781 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bound | ||
| CVE-2022-50779 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): com | ||
| CVE-2022-50777 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. | ||
| CVE-2022-50776 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it. | ||
| CVE-2022-50774 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIG_DMA_API_DEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function add_dma_entry() reports a warning similar to the one | ||
| CVE-2022-50773 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIG_PARPORT=m, CONFIG_PARPORT_PC=m, | ||
| CVE-2022-50770 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_mount_volume() There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 (size 32): comm "mount.ocfs2", pid 23753, jiffies 4302528942 (age 34735. | ||
| CVE-2022-50769 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash |
- CVE-2023-54072Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against too many buffer allocations. However, the check is performed without a proper l
- CVE-2023-54064Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function ca
- CVE-2023-54058Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Check if ffa_driver remove is present before executing Currently ffa_drv->remove() is called unconditionally from ffa_device_remove(). Since the driver registration doesn't check for it and a
- CVE-2023-54055Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC obj
- CVE-2023-54053Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix possible NULL pointer dereference It is possible that iwl_pci_probe() will fail and free the trans, then afterwards iwl_pci_remove() will be called and crash by trying to access trans w
- CVE-2023-54051Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because thi
- CVE-2023-54050Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a memleak for copied up znode: dirty_cow_znode zn = copy_znode(c, znode); err = insert_old_idx(c, zbr->lnum, zbr->offs); if (u
- CVE-2023-54049Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: rpmsg: glink: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.
- CVE-2023-54048Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP
- CVE-2023-54046Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller
- CVE-2023-54045Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y &&
- CVE-2022-50782Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid
- CVE-2022-50781Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bound
- CVE-2022-50779Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): com
- CVE-2022-50777Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore.
- CVE-2022-50776Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in st_of_quadfs_setup() If st_clk_register_quadfs_pll() fails, @lock should be freed before goto @err_exit, otherwise will cause meory leak issue, fix it.
- CVE-2022-50774Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIG_DMA_API_DEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function add_dma_entry() reports a warning similar to the one
- CVE-2022-50773Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIG_PARPORT=m, CONFIG_PARPORT_PC=m,
- CVE-2022-50770Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_mount_volume() There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 (size 32): comm "mount.ocfs2", pid 23753, jiffies 4302528942 (age 34735.
- CVE-2022-50769Dec 24, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash
Page 9 of 20