rpm package
suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.4
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4
Vulnerabilities (2,965)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53313 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of max_corr_read_errors There is no input check when echo md/max_read_errors and overflow might occur. Add check of input number. | ||
| CVE-2023-53311 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). Previous | ||
| CVE-2023-53309 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uni | ||
| CVE-2023-53307 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue in rbd_dev_create() fails, use-after-free on rbd_dev->rbd_client, rbd_dev->spec and rbd_dev->opt | ||
| CVE-2023-53305 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2cap_le_command_rej. | ||
| CVE-2023-53304 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes | ||
| CVE-2022-50351 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked. | ||
| CVE-2022-50349 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() If device_register() returns error in tifm_7xx1_switch_media(), name of kobject which is allocated in dev_set_name() called in device_add() is le | ||
| CVE-2022-50348 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdup_user() call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise it leaks. | ||
| CVE-2022-50347 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kern | ||
| CVE-2022-50346 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4_rename' Syzbot found the following issue: ext4_parse_param: s_want_extra_isize=128 ext4_inode_info_init: s_want_extra_isize=32 ext4_rename: old.inode=ffff88823869a2c8 o | ||
| CVE-2022-50344 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [0x0000000000000068-0x0000 | ||
| CVE-2022-50342 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "modprobe", pid 727, jiffies | ||
| CVE-2022-50340 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_devic | ||
| CVE-2025-39824 | Hig | 7.8 | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the HID_CONNECT_DEFAULT connect ma | |
| CVE-2025-39823 | Hig | 7.8 | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these values to mitigate speculative ex | |
| CVE-2023-53302 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethread_workqueue() in order to avoid NULL pointer dereference. | ||
| CVE-2023-53299 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write() returns wit | ||
| CVE-2023-53298 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfc_genl_se_io and supposed to be eventually free | ||
| CVE-2023-53297 | — | < 5.14.21-150400.15.133.1 | 5.14.21-150400.15.133.1 | Sep 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered. |
- CVE-2023-53313Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of max_corr_read_errors There is no input check when echo md/max_read_errors and overflow might occur. Add check of input number.
- CVE-2023-53311Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach_log_writer(). Previous
- CVE-2023-53309Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uni
- CVE-2023-53307Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue in rbd_dev_create() fails, use-after-free on rbd_dev->rbd_client, rbd_dev->spec and rbd_dev->opt
- CVE-2023-53305Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2cap_le_command_rej.
- CVE-2023-53304Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes
- CVE-2022-50351Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked.
- CVE-2022-50349Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() If device_register() returns error in tifm_7xx1_switch_media(), name of kobject which is allocated in dev_set_name() called in device_add() is le
- CVE-2022-50348Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdup_user() call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise it leaks.
- CVE-2022-50347Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kern
- CVE-2022-50346Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4_rename' Syzbot found the following issue: ext4_parse_param: s_want_extra_isize=128 ext4_inode_info_init: s_want_extra_isize=32 ext4_rename: old.inode=ffff88823869a2c8 o
- CVE-2022-50344Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [0x0000000000000068-0x0000
- CVE-2022-50342Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "modprobe", pid 727, jiffies
- CVE-2022-50340Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called rather than platform_devic
- affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HID_CLAIMED_INPUT validation After hid_hw_start() is called hidinput_connect() will eventually be called to set up the device with the input layer since the HID_CONNECT_DEFAULT connect ma
- affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these values to mitigate speculative ex
- CVE-2023-53302Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethread_workqueue() in order to avoid NULL pointer dereference.
- CVE-2023-53299Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write() returns wit
- CVE-2023-53298Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfc_genl_se_io and supposed to be eventually free
- CVE-2023-53297Sep 16, 2025affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered.
Page 36 of 149