VYPR

rpm package

suse/kernel-source&distro=SUSE Manager Server LTS 4.3

pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%20LTS%204.3

Vulnerabilities (542)

  • CVE-2023-53576Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf() and return error for NULL_Q_RQ as we don't allow legacy I/O path, without this patch we g

  • CVE-2023-53574Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section i

  • CVE-2023-53572Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entry_safe(). Otherwise it dereferences a freed variable to get the next item on the

  • CVE-2023-53571Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intel_get_crtc_new_encoder() less oopsy The point of the WARN was to print something, not oops straight up. Currently that is precisely what happens if we can't find the connector for the crtc in

  • CVE-2023-53568Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources. Do it.

  • CVE-2023-53567Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried late

  • CVE-2023-53566Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault, probably for non-canonical address 0x

  • CVE-2023-53564Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub-

  • CVE-2023-53560Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables

  • CVE-2023-53559Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may

  • CVE-2023-53556Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and leave invalid pointers at dev->napi_l

  • CVE-2023-53554Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user. If it's over IW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.

  • CVE-2023-53553Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still see this one with gcc-9: In file included from include/linux/string.h:254,

  • CVE-2023-53552Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915_requests may be trapped by userspace inside a sync_file or dmabuf (dma-resv) and held indefinitely across different pro

  • CVE-2023-53551Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport. And if a wakeup interrupt triggers afterwards, gserial_resume gets call

  • CVE-2023-53548Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/

  • CVE-2023-53542Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back in 2016 wasn't used on Exynos5420, which caused a kernel panic. Add the

  • CVE-2023-53541Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on the oob source buffer at the las

  • CVE-2023-53534Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.

  • CVE-2023-53533Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths as well. Use devm_rpi_firmware_get() helper to handling the resources. Also remo

Page 8 of 28