suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4

Vulnerabilities (2,830)

• CVE-2022-50719Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PO

• CVE-2022-50718Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by

• CVE-2022-50717Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access.

• CVE-2022-50716Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ========================================================

• CVE-2022-50715Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have

• CVE-2025-68732Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa

• CVE-2023-54042Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached.

• CVE-2023-54040Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: ice: fix wrong fallback logic for FDIR When adding a FDIR filter, if ice_vc_fdir_set_irq_ctx returns failure, the inserted fdir entry will not be removed and if ice_vc_fdir_write_fltr returns failure, the fdir

• CVE-2023-54039Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access In the j1939_tp_tx_dat_new() function, an out-of-bounds memory access could occur during the memcpy() operation if the size of skb->cb is large

• CVE-2023-54036Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU The wifi + bluetooth combo chip RTL8723BU can leak memory (especially?) when it's connected to a bluetooth audio device. The busy bluetooth traffic gen

• CVE-2023-54028Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task" In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like rxe_init_task are not setup

• CVE-2023-54026Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() returns -EPROBE_DEFER, the opp_table is freed again, to wait until all the interconne

• CVE-2023-54025Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled In case WoWlan was never configured during the operation of the system, the hw->wiphy->wowlan_config will be NULL. rsi_config_wowlan() checks w

• CVE-2023-54024Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregistering said device fails. As clearly noted in the code, kvm_io_bus_unregister_dev()

• CVE-2023-54021Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4_mb_normalize_request We need to set ac_g_ex to notify the goal start used in ext4_mb_find_by_goal. Set ac_g_ex instead of ac_f_ex in ext4_mb_normalize_request. Besides we

• CVE-2023-54020Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: pdma_desc memory leak fix Commit b2cc5c465c2c ("dmaengine: sf-pdma: Add multithread support for a DMA channel") changed sf_pdma_prep_dma_memcpy() to unconditionally allocate a new sf_pdma_de

• CVE-2023-54019Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues when a cgroup is removed from under a polling process. This is happening because c

• CVE-2023-54018Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue as it may return NULL pointer and cause NULL pointer dereference in `hdmi_hdcp.c` and `hdmi_

• CVE-2023-54015Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and free

• CVE-2023-54014Dec 24, 2025
  affected < 5.14.21-150400.24.194.1fixed 5.14.21-150400.24.194.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced.