suse/kernel-syms&distro=SUSE Enterprise Storage 7.1

Vulnerabilities (1,483)

• CVE-2022-50408Sep 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); may be schedule, and then complete before the line > ndev->stats.tx_bytes += skb->

• CVE-2022-50401Sep 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure On error situation `clp->cl_cb_conn.cb_xprt` should not be given a reference to the xprt otherwise both client cleanup and the error handling p

• CVE-2023-53395Sep 18, 2025
  affected < 5.3.18-150300.59.226.1fixed 5.3.18-150300.59.226.1

  In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruct

• CVE-2022-50388Sep 18, 2025
  affected < 5.3.18-150300.59.226.1fixed 5.3.18-150300.59.226.1

  In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blk_kick_flush has NULL bio, and it may be dealt with nvme_end_req during io completion. When blktrace

• CVE-2022-50386Sep 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct

• CVE-2022-50385Sep 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead.

• CVE-2022-50381Sep 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The reason for the crash is this: * super_written calls atomic_dec_and_test(&mddev->pen

• CVE-2022-50375Sep 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown lpuart_dma_shutdown tears down lpuart dma, but lpuart_flush_buffer can still occur which in turn tries to access dma apis if lpuart_dm

• CVE-2023-53365Sep 17, 2025
  affected < 5.3.18-150300.59.226.1fixed 5.3.18-150300.59.226.1

  In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------[ cut he

• CVE-2022-50368Sep 17, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight br

• CVE-2022-50367Sep 17, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode(

• CVE-2022-50359Sep 17, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in buffer_prepare() When the driver calls cx88_risc_buffer() to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in buff

• CVE-2022-50355Sep 17, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" i

• CVE-2023-53333Sep 16, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet says: nf_conntrack_dccp_packet() has an unique: dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh);

• CVE-2023-53321Sep 16, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: drop short frames While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded through wmediumd or similar userspace, so require t

• CVE-2023-53304Sep 16, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/tes

• CVE-2022-50344Sep 16, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [0x0000000000000068-0x0000

• CVE-2025-39823HigSep 16, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest min and dest_id are guest-controlled indices. Using array_index_nospec() after the bounds checks clamps these values to mitigate speculative ex

• CVE-2023-53282Sep 16, 2025
  affected < 5.3.18-150300.59.226.1fixed 5.3.18-150300.59.226.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfc_wr_object() routine: BUG: KFENCE: us

• CVE-2023-53273Sep 16, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset