suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,559)

• CVE-2023-53288Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report: drm_mode_duplicate+0x45/0x220 [drm]

• CVE-2023-53287Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume supplier

• CVE-2023-53286Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. W

• CVE-2023-53284Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() Because of the possilble failure of devm_kzalloc(), dpu_wb_conn might be NULL and will cause null pointer dereference later. Therefo

• CVE-2023-53282Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: us

• CVE-2023-53281Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()") besides fixing the deadlock also modifi

• CVE-2023-53280Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up gets called for uninitialized wait queue sp->nvme_ls_waitq. qla2xxx [0000:3

• CVE-2023-53277Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_workqueue in order to avoid NULL pointer dereference.

• CVE-2023-53276Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after t

• CVE-2023-53275Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often protected by the lock codec->regmap_lock when is accessed. However, it is access

• CVE-2023-53273Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset

• CVE-2023-53272Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in b

• CVE-2023-53270Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_disksize exceeding i_size problem in paritally written case It is possible for i_disksize can exceed i_size, triggering a warning. generic_perform_write copied = iov_iter_copy_from_user_atomic(len

• CVE-2023-53268Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl_mqs: move of_node_put() to the correct location of_node_put() should have been done directly after mqs_priv->regmap = syscon_node_to_regmap(gpr_np); otherwise it creates a reference leak on the succes

• CVE-2023-53265Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size <= alloc, size Ensure that the VID header offset + VID header size does not exceed the allocated area to avoid slab OOB. BUG: KASAN: slab-out-of-bounds in c

• CVE-2023-53263Sep 16, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calling drm_connector_init on it. We need to clean up the drm side first. It might no

• CVE-2022-50334Sep 15, 2025
  affected < 5.14.21-150500.13.112.1fixed 5.14.21-150500.13.112.1

  In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000

• CVE-2022-50333Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.

• CVE-2022-50331Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name(

• CVE-2022-50330Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect