suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

Vulnerabilities (2,117)

• CVE-2023-53613Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject: 'mapping0' (ffff93eb460e8800): kobject_r

• CVE-2023-53611Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age

• CVE-2023-53603Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NUL

• CVE-2023-53602Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11k_fw_stats_free() function before hardwa

• CVE-2023-53601Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit() that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender

• CVE-2023-53600Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ip_compute_csum+0x134/0x220 Read of size 4 at ad

• CVE-2023-53599Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390 Fix af_alg_alloc_areq() to initialise areq->first_rsgl.sgl.sgt.sgl to point to the scatterlist array in areq->first_rsgl.sgl.sgl. Without this

• CVE-2023-53597Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. B

• CVE-2023-53596Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed. This leads to issues when using bus-less o

• CVE-2023-53593Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: Release folio lock on fscache read hit. Under the current code, when cifs_readpage_worker is called, the call contract is that the callee should unlock the page. This is documented in the read_folio secti

• CVE-2023-53588Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check for station first in client probe When probing a client, first check if we have it, and then check for the channel context, otherwise you can trigger the warning there easily by probing wh

• CVE-2023-53585Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpf_sk_assign The semantics for bpf_sk_assign are as follows: sk = some_lookup_func() bpf_sk_assign(skb, sk) bpf_sk_release(sk) That is, the sk is not consumed by b

• CVE-2023-53583Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start() Since commit 096b52fd2bb4 ("perf: RISC-V: throttle perf events") the perf_sample_event_took() function was added to report time spent in

• CVE-2023-53581Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock. This opens a possibility for race condition when the flow is conc

• CVE-2023-53580Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: core: Help prevent panic during UVC unconfigure Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget's configuration. The panic involves a some

• CVE-2023-53579Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action.

• CVE-2023-53577Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ------------[ cut here ]--------

• CVE-2023-53575Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add().

• CVE-2023-53574Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section i

• CVE-2023-53572Oct 4, 2025
  affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

  In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entry_safe(). Otherwise it dereferences a freed variable to get the next item on the