rpm package
suse/kernel-livepatch-SLE15-SP5_Update_27&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (218)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53140 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug int | ||
| CVE-2023-53139 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_property_read_u8_array later. | ||
| CVE-2023-53134 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurr | ||
| CVE-2023-53131 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up. | ||
| CVE-2023-53128 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttle_groups memory leak Add a missing kfree(). | ||
| CVE-2023-53125 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network | ||
| CVE-2023-53124 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may | ||
| CVE-2023-53123 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device | ||
| CVE-2023-53119 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533_out_arg properly struct pn533_out_arg used as a temporary context for out_urb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases in | ||
| CVE-2023-53118 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsi_proc_hostdir_rm() decreases a reference counter and hence must only be called once per host that is removed. This change does not require a scsi_a | ||
| CVE-2023-53116 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially could result in a use after | ||
| CVE-2023-53114 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that firmware is in recovery mode then i40e_init_recovery_mode() is called and the rest of probe function | ||
| CVE-2023-53112 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae ("drm/i915/sseu: Don't try to store EU mask internally in UAPI format") exposed a potential out-of-bounds acce | ||
| CVE-2023-53111 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues do_req_filebacked() calls blk_mq_complete_request() synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loop_handle_cmd() su | ||
| CVE-2023-53109 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev->needed_headroom IP tunnels can apparently update dev->needed_headroom in their xmit path. This patch takes care of three tunnels xmit, and also the core LL_RESE | ||
| CVE-2023-53108 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucv_irq_data needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dm | ||
| CVE-2023-53106 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition This bug influences both st_nci_i2c_remove and st_nci_spi_remove. Take st_nci_i2c_remove as an example. In st_nci_i2c_probe, it called n | ||
| CVE-2023-53105 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix cleanup null-ptr deref on encap lock During module is unloaded while a peer tc flow is still offloaded, first the peer uplink rep profile is changed to a nic profile, and so neigh encap lock is d | ||
| CVE-2023-53102 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: xsk: disable txq irq before flushing hw ice_qp_dis() intends to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps is to disable interrupts on these queues. It currently i | ||
| CVE-2023-53101 | — | < 1-150500.11.7.1 | 1-150500.11.7.1 | May 2, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: zero i_disksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4_IOC_SWAP_BOOT inode will initialize it, including setting the i_size to 0. However, if |
- CVE-2023-53140May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug int
- CVE-2023-53139May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_property_read_u8_array later.
- CVE-2023-53134May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurr
- CVE-2023-53131May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up.
- CVE-2023-53128May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttle_groups memory leak Add a missing kfree().
- CVE-2023-53125May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
- CVE-2023-53124May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may
- CVE-2023-53123May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In particular on an SR-IOV device
- CVE-2023-53119May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533_out_arg properly struct pn533_out_arg used as a temporary context for out_urb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases in
- CVE-2023-53118May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsi_proc_hostdir_rm() decreases a reference counter and hence must only be called once per host that is removed. This change does not require a scsi_a
- CVE-2023-53116May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially could result in a use after
- CVE-2023-53114May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that firmware is in recovery mode then i40e_init_recovery_mode() is called and the rest of probe function
- CVE-2023-53112May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae ("drm/i915/sseu: Don't try to store EU mask internally in UAPI format") exposed a potential out-of-bounds acce
- CVE-2023-53111May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues do_req_filebacked() calls blk_mq_complete_request() synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loop_handle_cmd() su
- CVE-2023-53109May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev->needed_headroom IP tunnels can apparently update dev->needed_headroom in their xmit path. This patch takes care of three tunnels xmit, and also the core LL_RESE
- CVE-2023-53108May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucv_irq_data needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dm
- CVE-2023-53106May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition This bug influences both st_nci_i2c_remove and st_nci_spi_remove. Take st_nci_i2c_remove as an example. In st_nci_i2c_probe, it called n
- CVE-2023-53105May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix cleanup null-ptr deref on encap lock During module is unloaded while a peer tc flow is still offloaded, first the peer uplink rep profile is changed to a nic profile, and so neigh encap lock is d
- CVE-2023-53102May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: disable txq irq before flushing hw ice_qp_dis() intends to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps is to disable interrupts on these queues. It currently i
- CVE-2023-53101May 2, 2025affected < 1-150500.11.7.1fixed 1-150500.11.7.1
In the Linux kernel, the following vulnerability has been resolved: ext4: zero i_disksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4_IOC_SWAP_BOOT inode will initialize it, including setting the i_size to 0. However, if
Page 3 of 11