suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.4

Vulnerabilities (2,965)

• CVE-2022-50466Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: fs/binfmt_elf: Fix memory leak in load_elf_binary() There is a memory leak reported by kmemleak: unreferenced object 0xffff88817104ef80 (size 224): comm "xfs_admin", pid 47165, jiffies 4298708825 (age 13

• CVE-2022-50465Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of fast-commit journal blocks is unused, make sure to zero it out so that uninitialized memory is not leaked to disk.

• CVE-2022-50460Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_flock() If not flock, before return -ENOLCK, should free the xid, otherwise, the xid will be leaked.

• CVE-2022-50459Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. isc

• CVE-2022-50458Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put()

• CVE-2022-50456Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in th

• CVE-2022-50454Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. On failures, ttm will call nouveau_bo_del_tt

• CVE-2022-50453Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO char

• CVE-2022-50449Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix memory leak in _samsung_clk_register_pll() If clk_register() fails, @pll->rate_table may have allocated memory by kmemdup(), so it needs to be freed, otherwise will cause memory leak issue, th

• CVE-2023-53487Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas_flash: allow user copy to flash block cache objects With hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), using the /proc/powerpc/rtas/firmware_update interface to prepare a system firmware

• CVE-2023-53485Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6 index -84 is out of range for type 's8[341]'

• CVE-2023-53476Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep

• CVE-2023-53475Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: [ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/

• CVE-2023-53474Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bank_map Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64"). However, the bank_map which contains a bitfi

• CVE-2023-53473Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, cas

• CVE-2023-53472Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm

• CVE-2023-53471Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras gfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert. So in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_erro

• CVE-2023-53468Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs() kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 (size 1024): comm "mount", pid 19625, jiffies 4297

• CVE-2023-53465Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to

• CVE-2023-53464Oct 1, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-