VYPR

rpm package

suse/kernel-syms-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,117)

  • CVE-2023-53204Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-races around user->unix_inflight. user->unix_inflight is changed under spin_lock(unix_gc_lock), but too_many_unix_fds() reads it locklessly. Let's annotate the write/read accesses to user->un

  • CVE-2023-53201Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: wraparound mbox producer index Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached. Bit 31 of the producer index r

  • CVE-2023-53196Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3_qcom_probe() allocates memory for resource structure which is pointed by parent_res pointer. This memory is not freed. This leads to memory leak. Use sta

  • CVE-2023-53195Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init The line cards array is not freed in the error path of mlxsw_m_linecards_init(), which can lead to a memory leak. Fix by freeing the array in

  • CVE-2023-53192Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size The nexthop code expects a 31 bit hash, such as what is returned by fib_multipath_hash() and rt6_multipath_hash(). Passing the 32 bit hash returned by skb_get_hash() can lead to pro

  • CVE-2023-53189Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconf_mod_rs_timer(), reference idev depends on whether rs_timer is not pending. Then modify rs_timer timeout. There is a time gap in [1], d

  • CVE-2023-53187Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes unused before we finish its creation, at btrfs_create_pending_block_groups(), the

  • CVE-2023-53185Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTC_CTRL_RSVD_SV

  • CVE-2023-53184Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector length before reallocating As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this i

  • CVE-2023-53181Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: Stop leaking on krealloc() failure Currently dma_resv_get_fences() will leak the previously allocated array if the fence iteration got restarted and the krealloc_array() fails. Free the old a

  • CVE-2023-53180Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid NULL pointer access during management transmit cleanup Currently 'ar' reference is not added in skb_cb. Though this is generally not used during transmit completion callbacks, on interface r

  • CVE-2023-53179Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calcul

  • CVE-2023-53177Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: media: hi846: fix usage of pm_runtime_get_if_in_use() pm_runtime_get_if_in_use() does not only return nonzero values when the device is in use, it can return a negative errno too. And especially during resumin

  • CVE-2023-53175Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix a crash in hv_pci_restore_msi_msg() during hibernation When a Linux VM with an assigned PCI device runs on Hyper-V, if the PCI device driver is not loaded yet (i.e. MSI-X/MSI is not enabled on the

  • CVE-2023-53174Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to

  • CVE-2023-53170Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: Removed unneeded of_node_put in felix_parse_ports_node Remove unnecessary of_node_put from the continue path to prevent child node from being released twice, which could avoid resource leak or other u

  • CVE-2023-53167Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracing_err_log_open() Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which res

  • CVE-2023-53165Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer.

  • CVE-2023-53152Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. [61811.4

  • CVE-2023-53151Sep 15, 2025
    affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause s

Page 50 of 106