rpm package
suse/kernel-source&distro=SUSE Manager Proxy LTS 4.3
pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Proxy%20LTS%204.3
Vulnerabilities (542)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53651 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: exc3000 - properly stop timer on shutdown We need to stop the timer on driver unbind or probe failures, otherwise we get UAF/Oops. | ||
| CVE-2023-53650 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak. | ||
| CVE-2023-53648 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant a | ||
| CVE-2023-53644 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the radio-shark2 driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU | ||
| CVE-2023-53641 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of remain_skbs hif_dev->remain_skb is allocated and used exclusively in ath9k_hif_usb_rx_stream(). It is implied that an allocated remain_skb is processed and subsequently | ||
| CVE-2023-53640 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we get below Out of Bounds error. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue: BUG | ||
| CVE-2023-53639 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN() hinders automated testing. Red | ||
| CVE-2023-53637 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772x_probe() A memory leak was reported when testing ov772x with bpf mock device: AssertionError: unreferenced object 0xffff888109afa7a8 (size 8): comm "python3", pid 279 | ||
| CVE-2023-53631 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobject_p | ||
| CVE-2023-53626 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible double unlock when moving a directory | ||
| CVE-2023-53625 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when destroying vgpu, e.g in remove case drm minor's debugfs root might already be destroyed, which led to kernel oops li | ||
| CVE-2023-53622 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_ | ||
| CVE-2023-53619 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th | ||
| CVE-2023-53617 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: socinfo: Add kfree for kstrdup Add kfree() in the later error handling in order to avoid memory leak. | ||
| CVE-2022-50534 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t | ||
| CVE-2022-50532 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas | ||
| CVE-2022-50530 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() Our syzkaller report a null pointer dereference, root cause is following: __blk_mq_alloc_map_and_rqs set->tags[hctx_idx] = blk_mq_alloc_map_an | ||
| CVE-2022-50529 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: test_firmware: fix memory leak in test_firmware_init() When misc_register() failed in test_firmware_init(), the memory pointed by test_fw_config->name is not released. The memory leak information is as follows: | ||
| CVE-2022-50528 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leakage This patch fixes potential memory leakage and seg fault in _gpuvm_import_dmabuf() function | ||
| CVE-2022-50525 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() The fsl_pamu_probe() returns directly when create_csd() failed, leaving irq and memories unreleased. Fix by jumping to error if create_csd() returns error. |
- CVE-2023-53651Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: Input: exc3000 - properly stop timer on shutdown We need to stop the timer on driver unbind or probe failures, otherwise we get UAF/Oops.
- CVE-2023-53650Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak.
- CVE-2023-53648Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant a
- CVE-2023-53644Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the radio-shark2 driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU
- CVE-2023-53641Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of remain_skbs hif_dev->remain_skb is allocated and used exclusively in ath9k_hif_usb_rx_stream(). It is implied that an allocated remain_skb is processed and subsequently
- CVE-2023-53640Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use_after_free out of bounds When we run syzkaller we get below Out of Bounds error. "KASAN: slab-out-of-bounds Read in regcache_flat_read" Below is the backtrace of the issue: BUG
- CVE-2023-53639Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN() hinders automated testing. Red
- CVE-2023-53637Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772x_probe() A memory leak was reported when testing ov772x with bpf mock device: AssertionError: unreferenced object 0xffff888109afa7a8 (size 8): comm "python3", pid 279
- CVE-2023-53631Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobject_p
- CVE-2023-53626Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible double unlock when moving a directory
- CVE-2023-53625Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when destroying vgpu, e.g in remove case drm minor's debugfs root might already be destroyed, which led to kernel oops li
- CVE-2023-53622Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_
- CVE-2023-53619Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th
- CVE-2023-53617Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: socinfo: Add kfree for kstrdup Add kfree() in the later error handling in order to avoid memory leak.
- CVE-2022-50534Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t
- CVE-2022-50532Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas
- CVE-2022-50530Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() Our syzkaller report a null pointer dereference, root cause is following: __blk_mq_alloc_map_and_rqs set->tags[hctx_idx] = blk_mq_alloc_map_an
- CVE-2022-50529Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: test_firmware: fix memory leak in test_firmware_init() When misc_register() failed in test_firmware_init(), the memory pointed by test_fw_config->name is not released. The memory leak information is as follows:
- CVE-2022-50528Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leakage This patch fixes potential memory leakage and seg fault in _gpuvm_import_dmabuf() function
- CVE-2022-50525Oct 7, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() The fsl_pamu_probe() returns directly when create_csd() failed, leaving irq and memories unreleased. Fix by jumping to error if create_csd() returns error.
Page 5 of 28