rpm package
suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,678)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53659 | — | < 5.3.18-150300.229.2 | 5.3.18-150300.229.2 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done would be timeout, then returned with error but changed num_active_queues directly, | ||
| CVE-2022-50549 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata Following concurrent processes: P1(drop cache) P2(kworker) drop_caches_sysctl_handler drop_slab shrink_slab | ||
| CVE-2022-50546 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: ===================================================== BUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/ino | ||
| CVE-2022-50544 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array for stream_info ->stream_ctx_array with xhci_alloc_stream_ctx(). When some error oc | ||
| CVE-2023-53619 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th | ||
| CVE-2022-50534 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t | ||
| CVE-2022-50532 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas | ||
| CVE-2022-50516 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k | ||
| CVE-2022-50513 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly r | ||
| CVE-2022-50504 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill | ||
| CVE-2022-50496 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). | ||
| CVE-2022-50494 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() i | ||
| CVE-2022-50493 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta | ||
| CVE-2022-50489 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregister() loops over every device currently found on that bus and will unregister it. | ||
| CVE-2022-50488 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x3 | ||
| CVE-2023-53574 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section i | ||
| CVE-2023-53566 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault, probably for non-canonical address 0x | ||
| CVE-2023-53564 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub- | ||
| CVE-2023-53559 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may | ||
| CVE-2022-50484 | — | < 5.3.18-150300.226.1 | 5.3.18-150300.226.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, whe |
- CVE-2023-53659Oct 7, 2025affected < 5.3.18-150300.229.2fixed 5.3.18-150300.229.2
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done would be timeout, then returned with error but changed num_active_queues directly,
- CVE-2022-50549Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata Following concurrent processes: P1(drop cache) P2(kworker) drop_caches_sysctl_handler drop_slab shrink_slab
- CVE-2022-50546Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue: ===================================================== BUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/ino
- CVE-2022-50544Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array for stream_info ->stream_ctx_array with xhci_alloc_stream_ctx(). When some error oc
- CVE-2023-53619Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th
- CVE-2022-50534Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t
- CVE-2022-50532Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas
- CVE-2022-50516Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k
- CVE-2022-50513Oct 7, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly r
- CVE-2022-50504Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill
- CVE-2022-50496Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy().
- CVE-2022-50494Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() i
- CVE-2022-50493Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta
- CVE-2022-50489Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregister() loops over every device currently found on that bus and will unregister it.
- CVE-2022-50488Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x3
- CVE-2023-53574Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section i
- CVE-2023-53566Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault, probably for non-canonical address 0x
- CVE-2023-53564Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub-
- CVE-2023-53559Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may
- CVE-2022-50484Oct 4, 2025affected < 5.3.18-150300.226.1fixed 5.3.18-150300.226.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, whe
Page 6 of 84