rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise Module for Development Tools 15 SP7
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7
Vulnerabilities (2,262)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54134 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 (size 96): comm "syz-executor399", pid 3631, jiffies 42 | ||
| CVE-2023-54133 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware when closing port When moving devices from one namespace to another, mc addresses are cleaned in software while not removed from application firmware. Thus the mc | ||
| CVE-2023-54127 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slab_f | ||
| CVE-2023-54125 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return | ||
| CVE-2023-54121 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add | ||
| CVE-2023-54117 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly | ||
| CVE-2023-54115 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing | ||
| CVE-2023-54113 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invo | ||
| CVE-2023-54112 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 429 | ||
| CVE-2023-54106 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th | ||
| CVE-2023-54104 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS el | ||
| CVE-2023-54101 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to | ||
| CVE-2023-54099 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. Howe | ||
| CVE-2023-54096 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, res | ||
| CVE-2023-54095 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this ca | ||
| CVE-2023-54094 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: [ 62.624003] BUG: kernel NULL pointer dereference, addres | ||
| CVE-2023-54093 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious d | ||
| CVE-2023-54092 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should als | ||
| CVE-2023-54091 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected | ||
| CVE-2023-54089 | — | < 6.4.0-150700.53.28.1 | 6.4.0-150700.53.28.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------[ cut here ]------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 s |
- CVE-2023-54134Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 (size 96): comm "syz-executor399", pid 3631, jiffies 42
- CVE-2023-54133Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware when closing port When moving devices from one namespace to another, mc addresses are cleaned in software while not removed from application firmware. Thus the mc
- CVE-2023-54127Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slab_f
- CVE-2023-54125Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Return error for inconsistent extended attributes ntfs_read_ea is called when we want to read extended attributes. There are some sanity checks for the validity of the EAs. However, it fails to return
- CVE-2023-54121Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range In production we were seeing a variety of WARN_ON()'s in the extent_map code, specifically in btrfs_drop_extent_map_range() when we have to call add
- CVE-2023-54117Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with list_add corruption Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly
- CVE-2023-54115Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing
- CVE-2023-54113Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invo
- CVE-2023-54112Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 (size 240): comm "syz-executor186", pid 5012, jiffies 429
- CVE-2023-54106Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the error path of mlx5e_init_rep_rx, which can lead to a memory leak. Fix by freeing th
- CVE-2023-54104Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS el
- CVE-2023-54101Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to
- CVE-2023-54099Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. Howe
- CVE-2023-54096Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, res
- CVE-2023-54095Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this ca
- CVE-2023-54094Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: [ 62.624003] BUG: kernel NULL pointer dereference, addres
- CVE-2023-54093Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious d
- CVE-2023-54092Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should als
- CVE-2023-54091Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected
- CVE-2023-54089Dec 24, 2025affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------[ cut here ]------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 s
Page 18 of 114