rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,878)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53540 | Med | 5.5 | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later. | |
| CVE-2022-50493 | Med | 5.5 | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta | |
| CVE-2023-53615 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here | ||
| CVE-2023-53611 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age | ||
| CVE-2023-53604 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails. | ||
| CVE-2023-53603 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NUL | ||
| CVE-2023-53597 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. B | ||
| CVE-2023-53594 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource. But in kobject_add(), dev->kobj.parent has been set to NULL. T | ||
| CVE-2023-53593 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Release folio lock on fscache read hit. Under the current code, when cifs_readpage_worker is called, the call contract is that the callee should unlock the page. This is documented in the read_folio secti | ||
| CVE-2023-53589 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy far too much (uninitialized) mem | ||
| CVE-2023-53587 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible (maybe not in a real system, but it did happen in ARCH=um with time-trave | ||
| CVE-2023-53582 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of str | ||
| CVE-2022-50505 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifier() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the r | ||
| CVE-2022-50504 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill | ||
| CVE-2022-50501 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others. | ||
| CVE-2022-50496 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy(). | ||
| CVE-2022-50494 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() i | ||
| CVE-2023-53568 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources. Do it. | ||
| CVE-2023-53564 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub- | ||
| CVE-2023-53559 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may |
- affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later.
- affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xx_process_response_queue+0x42a/0x970 [qla2xxx] qla2x00_sta
- CVE-2023-53615Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here
- CVE-2023-53611Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age
- CVE-2023-53604Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails.
- CVE-2023-53603Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NUL
- CVE-2023-53597Oct 4, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. B
- CVE-2023-53594Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource. But in kobject_add(), dev->kobj.parent has been set to NULL. T
- CVE-2023-53593Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Release folio lock on fscache read hit. Under the current code, when cifs_readpage_worker is called, the call contract is that the callee should unlock the page. This is documented in the read_folio secti
- CVE-2023-53589Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy far too much (uninitialized) mem
- CVE-2023-53587Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible (maybe not in a real system, but it did happen in ARCH=um with time-trave
- CVE-2023-53582Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of str
- CVE-2022-50505Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifier() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the r
- CVE-2022-50504Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term() It's unsafe to use rtas_busy_delay() to handle a busy status from the ibm,os-term RTAS function in rtas_os_term(): Kernel panic - not syncing: Attempted to kill
- CVE-2022-50501Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcoda_iram_alloc As the coda_iram_alloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others.
- CVE-2022-50496Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy() Dm_cache also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in destroy().
- CVE-2022-50494Oct 4, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash When CPU 0 is offline and intel_powerclamp is used to inject idle, it generates kernel BUG: BUG: using smp_processor_id() i
- CVE-2023-53568Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources. Do it.
- CVE-2023-53564Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di + ocfs2_split_extent //sub-
- CVE-2023-53559Oct 4, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may
Page 24 of 94