suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,559)

• CVE-2023-53174Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to

• CVE-2023-53171Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec() When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappi

• CVE-2023-53168Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: usb: ucsi_acpi: Increase the command completion timeout Commit 130a96d698d7 ("usb: typec: ucsi: acpi: Increase command completion timeout value") increased the timeout from 5 seconds to 60 seconds due to issues

• CVE-2023-53167Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracing_err_log_open() Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which res

• CVE-2023-53165Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer.

• CVE-2023-53153Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on (re)connect and can hold data from a previous connection. Reset key data to avoid that drivers or mac80211 incorrectl

• CVE-2023-53152Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. [61811.4

• CVE-2023-53151Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause s

• CVE-2023-53150Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref

• CVE-2023-53149Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoid races with switching of journalled data flag or inode format. This lock can how

• CVE-2023-53147Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(...

• CVE-2022-50261Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function point

• CVE-2022-50260Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm: Make .remove and .shutdown HW shutdown consistent Drivers' .remove and .shutdown callbacks are executed on different code paths. The former is called when a device is removed from the bus, while the la

• CVE-2022-50258Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument o

• CVE-2022-50257Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the map_ops array would be invalid, whereas all of the entries in the kmap_ops arra

• CVE-2022-50255Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: tracing: Fix reading strings from synthetic events The follow commands caused a crash: # cd /sys/kernel/tracing # echo 's:open char file[]' > dynamic_events # echo 'hist:keys=common_pid:file=filename:onc

• CVE-2022-50252Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v

• CVE-2022-50251Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash

• CVE-2022-50250Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix use_count leakage when handling boot-on I found a use_count leakage towards supply regulator of rdev with boot-on option. ┌───────────────────┐ ┌───────────────────┐ │ regulator

• CVE-2022-50249Sep 15, 2025
  affected < 5.14.21-150500.13.109.1fixed 5.14.21-150500.13.109.1

  In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.