VYPR

rpm package

suse/kernel-source-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2023-53540MedOct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later.

  • CVE-2023-53616Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline] BUG: KASAN: double-free in __kmem_cache_free

  • CVE-2023-53615Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here

  • CVE-2023-53613Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject: 'mapping0' (ffff93eb460e8800): kobject_r

  • CVE-2023-53611Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age

  • CVE-2023-53603Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NUL

  • CVE-2023-53602Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod. Fix it by calling ath11k_fw_stats_free() function before hardwa

  • CVE-2023-53601Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit() that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender

  • CVE-2023-53600Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ip_compute_csum+0x134/0x220 Read of size 4 at ad

  • CVE-2023-53599Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390 Fix af_alg_alloc_areq() to initialise areq->first_rsgl.sgl.sgt.sgl to point to the scatterlist array in areq->first_rsgl.sgl.sgl. Without this

  • CVE-2023-53597Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. B

  • CVE-2023-53593Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Release folio lock on fscache read hit. Under the current code, when cifs_readpage_worker is called, the call contract is that the callee should unlock the page. This is documented in the read_folio secti

  • CVE-2023-53588Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check for station first in client probe When probing a client, first check if we have it, and then check for the channel context, otherwise you can trigger the warning there easily by probing wh

  • CVE-2023-53585Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpf_sk_assign The semantics for bpf_sk_assign are as follows: sk = some_lookup_func() bpf_sk_assign(skb, sk) bpf_sk_release(sk) That is, the sk is not consumed by b

  • CVE-2023-53583Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start() Since commit 096b52fd2bb4 ("perf: RISC-V: throttle perf events") the perf_sample_event_took() function was added to report time spent in

  • CVE-2023-53581Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock. This opens a possibility for race condition when the flow is conc

  • CVE-2023-53580Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: core: Help prevent panic during UVC unconfigure Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget's configuration. The panic involves a some

  • CVE-2023-53579Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action.

  • CVE-2023-53577Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ------------[ cut here ]--------

  • CVE-2023-53575Oct 4, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add().

Page 37 of 106