rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS
Vulnerabilities (2,310)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50640 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, whi | ||
| CVE-2022-50638 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:203! in | ||
| CVE-2022-50636 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_device_is_present() for VFs by checking PF pci_device_is_present() previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't p | ||
| CVE-2022-50635 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): # echo 'p cmdline_proc_show' > kprobe_events # echo 'p cmdline_proc_show+16' | ||
| CVE-2022-50633 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init of_icc_get() alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3_qcom_interconnect_exit() functi | ||
| CVE-2023-53769 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integ | ||
| CVE-2023-53766 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref. | ||
| CVE-2023-53761 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check tha | ||
| CVE-2023-53755 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the | ||
| CVE-2023-53754 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns false, drbl_regs_memmap_p is not remapped. This passes a NULL pointer to | ||
| CVE-2023-53753 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. [How] Patch correct numbers | ||
| CVE-2023-53751 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then p | ||
| CVE-2023-53747 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF After a call to console_unlock() in vcs_write() the vc_data struct can be freed by vc_port_destruct(). Because of that, the struct vc | ||
| CVE-2023-53746 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfio_ap device driver The device release callback function invoked to release the matrix device uses the dev_get_drvdata(device *dev) function to retrieve the pointer to the vfi | ||
| CVE-2023-53744 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths. | ||
| CVE-2023-53743 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: Free released resource after coalescing release_resource() doesn't actually free the resource or resource list entry so free the resource list entry to avoid a leak. | ||
| CVE-2022-50630 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and reacquire them again after handle_userfault(), but reacquire the vma_lock could le | ||
| CVE-2022-50629 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach(). | ||
| CVE-2022-50626 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is due to not accounting for and freeing current iteration's adapter->priv in case of | ||
| CVE-2022-50625 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1] documentation describes a generic UART interface. Such generic UART does not su |
- CVE-2022-50640Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, whi
- CVE-2022-50638Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:203! in
- CVE-2022-50636Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pci_device_is_present() for VFs by checking PF pci_device_is_present() previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't p
- CVE-2022-50635Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): # echo 'p cmdline_proc_show' > kprobe_events # echo 'p cmdline_proc_show+16'
- CVE-2022-50633Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init of_icc_get() alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3_qcom_interconnect_exit() functi
- CVE-2023-53769Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integ
- CVE-2023-53766Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref.
- CVE-2023-53761Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check tha
- CVE-2023-53755Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the
- CVE-2023-53754Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns false, drbl_regs_memmap_p is not remapped. This passes a NULL pointer to
- CVE-2023-53753Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. [How] Patch correct numbers
- CVE-2023-53751Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then p
- CVE-2023-53747Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF After a call to console_unlock() in vcs_write() the vc_data struct can be freed by vc_port_destruct(). Because of that, the struct vc
- CVE-2023-53746Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfio_ap device driver The device release callback function invoked to release the matrix device uses the dev_get_drvdata(device *dev) function to retrieve the pointer to the vfi
- CVE-2023-53744Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths.
- CVE-2023-53743Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Free released resource after coalescing release_resource() doesn't actually free the resource or resource list entry so free the resource list entry to avoid a leak.
- CVE-2022-50630Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and reacquire them again after handle_userfault(), but reacquire the vma_lock could le
- CVE-2022-50629Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach().
- CVE-2022-50626Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is due to not accounting for and freeing current iteration's adapter->priv in case of
- CVE-2022-50625Dec 8, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1] documentation describes a generic UART interface. Such generic UART does not su
Page 20 of 116