rpm package
suse/kgraft-patch-SLE12-SP5_Update_74&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_74&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (140)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50542 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470x_int_in_callback() syzbot reported use-after-free in si470x_int_in_callback() [1]. This indicates that urb->context, which contains struct si470x_device object, is fr | ||
| CVE-2022-50537 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() In rpi_firmware_probe(), if mbox_request_channel() fails, the 'fw' will not be freed through rpi_firmware_delete(), fix this leak by calli | ||
| CVE-2022-50536 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data In tcp_bpf_send_verdict() redirection, the eval variable is assigned to __SK_REDIRECT after the apply_bytes data is sent, if msg has more_da | ||
| CVE-2023-53650 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak. | ||
| CVE-2023-53648 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant a | ||
| CVE-2023-53647 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI | ||
| CVE-2023-53644 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the radio-shark2 driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU | ||
| CVE-2023-53635 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct->timeout value (struct nf_conn)->timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirme | ||
| CVE-2023-53624 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_fq: fix integer overflow of "credit" if sch_fq is configured with "initial quantum" having values greater than INT_MAX, the first assignment of "credit" does signed integer overflow to a very neg | ||
| CVE-2023-53622 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_ | ||
| CVE-2023-53620 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in status_resync status_resync() will calculate 'curr_resync - recovery_active' to show user a progress bar like following: [============>........] resync = 61.4% 'curr_resync' and 'recov | ||
| CVE-2023-53619 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th | ||
| CVE-2022-50534 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t | ||
| CVE-2022-50532 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas | ||
| CVE-2022-50516 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k | ||
| CVE-2022-50509 | — | < 1-8.5.1 | 1-8.5.1 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for kmalloc As the kmalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others. | ||
| CVE-2023-53540 | Med | 5.5 | < 1-8.5.1 | 1-8.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later. | |
| CVE-2023-53615 | — | < 1-8.5.1 | 1-8.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here | ||
| CVE-2023-53611 | — | < 1-8.5.1 | 1-8.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age | ||
| CVE-2023-53604 | — | < 1-8.5.1 | 1-8.5.1 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails. |
- CVE-2022-50542Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470x_int_in_callback() syzbot reported use-after-free in si470x_int_in_callback() [1]. This indicates that urb->context, which contains struct si470x_device object, is fr
- CVE-2022-50537Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() In rpi_firmware_probe(), if mbox_request_channel() fails, the 'fw' will not be freed through rpi_firmware_delete(), fix this leak by calli
- CVE-2022-50536Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data In tcp_bpf_send_verdict() redirection, the eval variable is assigned to __SK_REDIRECT after the apply_bytes data is sent, if msg has more_da
- CVE-2023-53650Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a memory leak.
- CVE-2023-53648Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant a
- CVE-2023-53647Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI
- CVE-2023-53644Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the radio-shark2 driver: ------------[ cut here ]------------ usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU
- CVE-2023-53635Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct->timeout value (struct nf_conn)->timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirme
- CVE-2023-53624Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_fq: fix integer overflow of "credit" if sch_fq is configured with "initial quantum" having values greater than INT_MAX, the first assignment of "credit" does signed integer overflow to a very neg
- CVE-2023-53622Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_
- CVE-2023-53620Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in status_resync status_resync() will calculate 'curr_resync - recovery_active' to show user a progress bar like following: [============>........] resync = 61.4% 'curr_resync' and 'recov
- CVE-2023-53619Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees th
- CVE-2022-50534Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd->root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung t
- CVE-2022-50532Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() returns error, sas_rphy_free() needs be called to free the resource allocated in sas
- CVE-2022-50516Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will crash with the following k
- CVE-2022-50509Oct 7, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for kmalloc As the kmalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others.
- affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later.
- CVE-2023-53615Oct 4, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here
- CVE-2023-53611Oct 4, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age
- CVE-2023-53604Oct 4, 2025affected < 1-8.5.1fixed 1-8.5.1
In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails.
Page 3 of 7