VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server 15 SP6-LTSS

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSS

Vulnerabilities (421)

  • CVE-2023-53865Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix warning when putting transaction with qgroups enabled after abort If we have a transaction abort with qgroups enabled we get a warning triggered when doing the final put on the transaction, like this

  • CVE-2023-53864Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disable overlay plane in mxsfb_plane_overlay_atomic_disable() When disabling overlay plane in mxsfb_plane_overlay_atomic_update(), overlay plane's framebuffer pointer is NULL. So, dereferencing it w

  • CVE-2023-53863Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of a device where dev->addr

  • CVE-2023-53861Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check.

  • CVE-2023-53860Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked REQ_NOWAIT, it's fine to attempt to submit that IO whi

  • CVE-2023-53858Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed.

  • CVE-2023-53857Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_sk_storage: Fix invalid wait context lockdep report './test_progs -t test_local_storage' reported a splat: [ 27.137569] ============================= [ 27.138122] [ BUG: Invalid wait context ] [

  • CVE-2023-53856Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call of_changeset_init() early When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state

  • CVE-2023-53855Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2

  • CVE-2023-53852Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "chec

  • CVE-2023-53851Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Drop aux devices together with DP controller Using devres to depopulate the aux bus made sure that upon a probe deferral the EDP panel device would be destroyed and recreated upon next attempt. But

  • CVE-2023-53850Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_

  • CVE-2023-53848Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&lo

  • CVE-2023-53847Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media() Syzbot got KMSAN to complain about access to an uninitialized value in the alauda subdriver of usb-storage: BUG: KMSAN: uninit-value in alauda_tran

  • CVE-2023-53846Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at a

  • CVE-2023-53844Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. Fix.

  • CVE-2023-53843Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let syzbot surface a latent p

  • CVE-2023-53842Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is

  • CVE-2023-53841Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: devlink: report devlink_port_type_warn source device devlink_port_type_warn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device (

  • CVE-2023-53839Dec 9, 2025
    affected < 6.4.0-150600.23.84.1fixed 6.4.0-150600.23.84.1

    In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp->dccps_mss_cache dccp_sendmsg() reads dp->dccps_mss_cache before locking the socket. Same thing in do_dccp_getsockopt(). Add READ_ONCE()/WRITE_ONCE() annotations, and change dccp_

Page 15 of 22