rpm package
suse/kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50516 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k | ||
| CVE-2022-50515 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() If construction of the array of work queues to handle hpd_rx_irq offload work fails, we need to unwind. Destroy all the created workqueues and the al | ||
| CVE-2022-50514 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: fix refcount leak on error path When failing to allocate report_desc, opts->refcnt has already been incremented so it needs to be decremented to avoid leaving the options structure permanent | ||
| CVE-2022-50513 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly r | ||
| CVE-2022-50512 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_regions() As krealloc may return NULL, in this case 'state->fc_regions' may not be freed by krealloc, but 'state->fc_regions' already set NULL. Then will lead t | ||
| CVE-2022-50511 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for get_default_font Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN | ||
| CVE-2022-50509 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for kmalloc As the kmalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others. | ||
| CVE-2022-50493 | Med | 5.5 | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta | |
| CVE-2022-50472 | Med | 5.5 | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey() in atomic context. WARNING: | |
| CVE-2023-53616 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline] BUG: KASAN: double-free in __kmem_cache_free | ||
| CVE-2023-53615 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here | ||
| CVE-2023-53612 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional. All the real work is done globally by the initcall and CPU hotplug notifiers, while the "driver" effectively jus | ||
| CVE-2023-53611 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age | ||
| CVE-2023-53608 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() The finalization of nilfs_segctor_thread() can race with nilfs_segctor_kill_thread() which terminates that thread, potentially causing | ||
| CVE-2023-53607 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() did not account for, resulting in the following: [ 9.625915] ------------[ cu | ||
| CVE-2023-53605 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function. | ||
| CVE-2023-53604 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails. | ||
| CVE-2023-53603 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NUL | ||
| CVE-2023-53601 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit() that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender | ||
| CVE-2023-53598 | — | < 5.14.21-150500.55.127.1 | 5.14.21-150500.55.127.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address might be computed which later caus |
- CVE-2022-50516Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k
- CVE-2022-50515Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() If construction of the array of work queues to handle hpd_rx_irq offload work fails, we need to unwind. Destroy all the created workqueues and the al
- CVE-2022-50514Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: fix refcount leak on error path When failing to allocate report_desc, opts->refcnt has already been incremented so it needs to be decremented to avoid leaving the options structure permanent
- CVE-2022-50513Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() In rtw_init_cmd_priv(), if `pcmdpriv->rsp_allocated_buf` is allocated in failure, then `pcmdpriv->cmd_allocated_buf` will be not properly r
- CVE-2022-50512Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_regions() As krealloc may return NULL, in this case 'state->fc_regions' may not be freed by krealloc, but 'state->fc_regions' already set NULL. Then will lead t
- CVE-2022-50511Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for get_default_font Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN
- CVE-2022-50509Oct 7, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for kmalloc As the kmalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others.
- affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta
- affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey() in atomic context. WARNING:
- CVE-2023-53616Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline] BUG: KASAN: double-free in __kmem_cache_free
- CVE-2023-53615Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here
- CVE-2023-53612Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional. All the real work is done globally by the initcall and CPU hotplug notifiers, while the "driver" effectively jus
- CVE-2023-53611Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age
- CVE-2023-53608Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() The finalization of nilfs_segctor_thread() can race with nilfs_segctor_kill_thread() which terminates that thread, potentially causing
- CVE-2023-53607Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() did not account for, resulting in the following: [ 9.625915] ------------[ cu
- CVE-2023-53605Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function.
- CVE-2023-53604Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails.
- CVE-2023-53603Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NUL
- CVE-2023-53601Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit() that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender
- CVE-2023-53598Oct 4, 2025affected < 5.14.21-150500.55.127.1fixed 5.14.21-150500.55.127.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address might be computed which later caus
Page 28 of 116