suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.4

Vulnerabilities (2,965)

• CVE-2023-53295Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update

• CVE-2023-53288Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm]

• CVE-2023-53286Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W

• CVE-2023-53282Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: us

• CVE-2023-53281Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()") besides fixing the deadlock also modifi

• CVE-2023-53280Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3

• CVE-2023-53277Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference.

• CVE-2023-53276Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t

• CVE-2023-53275Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access

• CVE-2023-53273Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset

• CVE-2023-53272Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b

• CVE-2023-53270Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len

• CVE-2023-53268Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes

• CVE-2023-53265Sep 16, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c

• CVE-2022-50334Sep 15, 2025
  affected < 5.14.21-150400.15.136.1fixed 5.14.21-150400.15.136.1

  In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000

• CVE-2022-50333Sep 15, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.

• CVE-2022-50331Sep 15, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name(

• CVE-2022-50330Sep 15, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect

• CVE-2022-50329Sep 15, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first

• CVE-2022-50328Sep 15, 2025
  affected < 5.14.21-150400.15.133.1fixed 5.14.21-150400.15.133.1

  In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head