VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2023-54032Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting quota root from the dirty cow roots list When disabling quotas we are deleting the quota root from the list fs_info->dirty_cowonly_roots without taking the lock that protects it, w

  • CVE-2023-54031Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described pro

  • CVE-2023-54030Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performance, and in the worst case scenario OOM the task.

  • CVE-2023-54027Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: iio: core: Prevent invalid memory access when there is no parent Commit 813665564b3d ("iio: core: Convert to use firmware node handle instead of OF node") switched the kind of nodes to use for label retrieval i

  • CVE-2023-54026Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() returns -EPROBE_DEFER, the opp_table is freed again, to wait until all the interconne

  • CVE-2023-54025Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled In case WoWlan was never configured during the operation of the system, the hw->wiphy->wowlan_config will be NULL. rsi_config_wowlan() checks w

  • CVE-2023-54023Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 -------

  • CVE-2023-54022Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at alloc_midi_urbs() that is called at MIDI 2.0 / UMP device are supposed to be handled at the cal

  • CVE-2023-54019Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues when a cgroup is removed from under a polling process. This is happening because c

  • CVE-2023-54017Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebus_bus_init() If device_register() returns error in ibmebus_bus_init(), name of kobject which is allocated in dev_set_name() called in device_add() is leaked.

  • CVE-2023-54016Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc_desc_init() is called we allocate memory to rx_descs and tx_descs. In ath12k_dp_cc_cleanup(), during descriptor cleanup rx_descs

  • CVE-2023-54014Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be dereferenced. rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced.

  • CVE-2023-54013Dec 24, 2025
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: interconnect: Fix locking for runpm vs reclaim For cases where icc_bw_set() can be called in callbaths that could deadlock against shrinker/reclaim, such as runpm resume, we need to decouple the icc locking. I

  • CVE-2023-54008Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask via create_affinity_masks() unconditionally which may lead several issues: - the affinity mask is not used for parent without affin

  • CVE-2023-54006Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-race around unix_tot_inflight. unix_tot_inflight is changed under spin_lock(unix_gc_lock), but unix_release_sock() reads it locklessly. Let's use READ_ONCE() for unix_tot_inflight. Note that

  • CVE-2023-54005Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: binder: fix memory leak in binder_init() In binder_init(), the destruction of binder_alloc_shrinker_init() is not performed in the wrong path, which will cause memory leaks. So this commit introduces binder_all

  • CVE-2023-54001Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in _r8712_init_xmit_priv() In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This

  • CVE-2023-54000Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externel_lb and reset are executed together When externel_lb and reset are executed together, a deadlock may occur: [ 3147.217009] INFO: task kworker/u321:0:7 blocked for more

  • CVE-2023-53999Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act table. It's possible to trigger memleak when the rule forwards packets from internal

  • CVE-2023-53998Dec 24, 2025
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on data_avail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation,

Page 14 of 106