rpm package
suse/kernel-syms&distro=SUSE Manager Server LTS 4.3
pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Server%20LTS%204.3
Vulnerabilities (542)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40204 | — | < 5.14.21-150400.24.187.1 | 5.14.21-150400.24.187.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this. | ||
| CVE-2025-40154 | — | < 5.14.21-150400.24.187.1 | 5.14.21-150400.24.187.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to unepxect | ||
| CVE-2025-40121 | — | < 5.14.21-150400.24.187.1 | 5.14.21-150400.24.187.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver just ignores and leaves as is, which may lead to unepxected results lik | ||
| CVE-2025-40102 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpr | ||
| CVE-2025-40088 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() The hfsplus_strcasecmp() logic can trigger the issue: [ 117.317703][ T9855] ================================================================== [ 1 | ||
| CVE-2023-7324 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 29, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Sanitize possible addl_desc_ptr out-of-bounds accesses in ses_enclosure_data_process(). | ||
| CVE-2025-40048 | — | < 5.14.21-150400.24.187.1 | 5.14.21-150400.24.187.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us | ||
| CVE-2025-40044 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m | ||
| CVE-2025-40040 | — | < 5.14.21-150400.24.187.1 | 5.14.21-150400.24.187.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise syzkaller discovered the following crash: (kernel BUG) [ 44.607039] ------------[ cut here ]------------ [ 44.607422] kernel BUG at mm/userfaultfd.c:2067! | ||
| CVE-2025-40018 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr | ||
| CVE-2023-53730 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabl | ||
| CVE-2023-53726 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c ("arm64: csum: Fix pathological zero-length calls") added an early return for zero-length input, syzkaller has p | ||
| CVE-2023-53725 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 49 | ||
| CVE-2023-53724 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(), but adc_enqueue_request() could fail to insert the `req` into queue. We need to check the r | ||
| CVE-2023-53723 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini, driver unconditionally disables ecc_irq which is only enabled on those | ||
| CVE-2023-53722 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows | ||
| CVE-2023-53719 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_p | ||
| CVE-2023-53718 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in | ||
| CVE-2023-53717 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm | ||
| CVE-2023-53715 | — | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin |
- CVE-2025-40204Nov 12, 2025affected < 5.14.21-150400.24.187.1fixed 5.14.21-150400.24.187.1
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
- CVE-2025-40154Nov 12, 2025affected < 5.14.21-150400.24.187.1fixed 5.14.21-150400.24.187.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver only shows an error message but leaves as is. This may lead to unepxect
- CVE-2025-40121Nov 12, 2025affected < 5.14.21-150400.24.187.1fixed 5.14.21-150400.24.187.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640 driver just ignores and leaves as is, which may lead to unepxected results lik
- CVE-2025-40102Oct 30, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpr
- CVE-2025-40088Oct 30, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() The hfsplus_strcasecmp() logic can trigger the issue: [ 117.317703][ T9855] ================================================================== [ 1
- CVE-2023-7324Oct 29, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses Sanitize possible addl_desc_ptr out-of-bounds accesses in ses_enclosure_data_process().
- CVE-2025-40048Oct 28, 2025affected < 5.14.21-150400.24.187.1fixed 5.14.21-150400.24.187.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us
- CVE-2025-40044Oct 28, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m
- CVE-2025-40040Oct 28, 2025affected < 5.14.21-150400.24.187.1fixed 5.14.21-150400.24.187.1
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise syzkaller discovered the following crash: (kernel BUG) [ 44.607039] ------------[ cut here ]------------ [ 44.607422] kernel BUG at mm/userfaultfd.c:2067!
- CVE-2025-40018Oct 24, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr
- CVE-2023-53730Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost adjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabl
- CVE-2023-53726Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c ("arm64: csum: Fix pathological zero-length calls") added an early return for zero-length input, syzkaller has p
- CVE-2023-53725Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 49
- CVE-2023-53724Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() `req` is allocated in pcf50633_adc_async_read(), but adc_enqueue_request() could fail to insert the `req` into queue. We need to check the r
- CVE-2023-53723Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini, driver unconditionally disables ecc_irq which is only enabled on those
- CVE-2023-53722Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows
- CVE-2023-53719Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_p
- CVE-2023-53718Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in
- CVE-2023-53717Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm
- CVE-2023-53715Oct 22, 2025affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin
Page 1 of 28