rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (2,262)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-53528	Med	5.5	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If create_qp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a s
CVE-2023-53526	Med	5.5	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh->b_transaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2_journal_commit_transaction __jbd2_journal_insert_checkpoint(jh, commit_transaction) /
CVE-2023-53523	Med	5.5	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: fix time stamp counter initialization If the gs_usb device driver is unloaded (or unbound) before the interface is shut down, the USB stack first calls the struct usb_driver::disconnect and then th
CVE-2023-53520	Med	4.7	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the call trace: <4>[102152.
CVE-2023-53519	Med	5.5	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with function: v4l2_m2m_num_s
CVE-2023-53516	Hig	7.8	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute named IFLA_MACVLAN_BC_CUTOFF
CVE-2023-53515	Hig	7.8	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devr
CVE-2023-53510	Hig	7.8	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a
CVE-2023-53531		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: null_blk: fix poll request timeout handling When doing io_uring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. [1] BUG: kernel NULL pointer de
CVE-2023-53530		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete localhost kernel: BUG: using
CVE-2023-53527		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in tb_handle_dp_bandwidth_request() The memory allocated in tb_queue_dp_bandwidth_request() needs to be released once the request is handled to avoid leaking it.
CVE-2023-53518		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.
CVE-2023-53508		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_
CVE-2023-53507		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister devlink params in case interface is down Currently, in case an interface is down, mlx5 driver doesn't unregister its devlink params, which leads to this WARN[1]. Fix it by unregistering dev
CVE-2023-53505		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: clk: tegra: tegra124-emc: Fix potential memory leak The tegra and tegra needs to be freed in the error handling path, otherwise it will be leaked.
CVE-2023-53504		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Properly order ib_device_unalloc() to avoid UAF ib_dealloc_device() should be called only after device cleanup. Fix the dealloc sequence.
CVE-2023-53501		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind When unbinding pasid - a race condition exists vs outstanding page faults. To prevent this, the pasid_state object contains a refc
CVE-2023-53500		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decode_session6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when
CVE-2023-53496		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socket<=>node lookups. But when nr_cpus is set to a smaller number th
CVE-2023-53495		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Oct 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc() rules is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check befor

CVE-2023-53528MedOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If create_qp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a s
CVE-2023-53526MedOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh->b_transaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2_journal_commit_transaction __jbd2_journal_insert_checkpoint(jh, commit_transaction) /
CVE-2023-53523MedOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: fix time stamp counter initialization If the gs_usb device driver is unloaded (or unbound) before the interface is shut down, the USB stack first calls the struct usb_driver::disconnect and then th
CVE-2023-53520MedOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the call trace: <4>[102152.
CVE-2023-53519MedOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with function: v4l2_m2m_num_s
CVE-2023-53516HigOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute named IFLA_MACVLAN_BC_CUTOFF
CVE-2023-53515HigOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devr
CVE-2023-53510HigOct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a
CVE-2023-53531Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix poll request timeout handling When doing io_uring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. [1] BUG: kernel NULL pointer de
CVE-2023-53530Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete localhost kernel: BUG: using
CVE-2023-53527Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in tb_handle_dp_bandwidth_request() The memory allocated in tb_queue_dp_bandwidth_request() needs to be released once the request is handled to avoid leaking it.
CVE-2023-53518Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.
CVE-2023-53508Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_
CVE-2023-53507Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister devlink params in case interface is down Currently, in case an interface is down, mlx5 driver doesn't unregister its devlink params, which leads to this WARN[1]. Fix it by unregistering dev
CVE-2023-53505Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: clk: tegra: tegra124-emc: Fix potential memory leak The tegra and tegra needs to be freed in the error handling path, otherwise it will be leaked.
CVE-2023-53504Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Properly order ib_device_unalloc() to avoid UAF ib_dealloc_device() should be called only after device cleanup. Fix the dealloc sequence.
CVE-2023-53501Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind When unbinding pasid - a race condition exists vs outstanding page faults. To prevent this, the pasid_state object contains a refc
CVE-2023-53500Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decode_session6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when
CVE-2023-53496Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socket<=>node lookups. But when nr_cpus is set to a smaller number th
CVE-2023-53495Oct 1, 2025
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc() rules is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check befor

Page 47 of 114