SUSE-SU-2025:20785-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 - CVE-2025-38181: calipso: fix null-ptr-deref in...

SUSE CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

SUSE CVE-2022-50391

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...

SUSE CVE-2023-53431

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2023-53431 scsi: ses: Handle enclosure with just a primary component gracefully

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

CVE-2023-53431 scsi: ses: Handle enclosure with just a primary component gracefully

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

DEBIAN-CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

DEBIAN-CVE-2022-50391

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...

UBUNTU-CVE-2022-50391

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...

UBUNTU-CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2023-53388 drm/mediatek: Clean dangling pointer on bind error path

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2023-53388 drm/mediatek: Clean dangling pointer on bind error path

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2023-53388

Summary of CVE-2023-53388 : In the Linux kernel, the DRM/Mediatek driver had a dangling pointer in the error path of the bind sequence. When mtk_drm_bind() fails, the code previously called drm_dev_put() to destroy the drm_device, but a private object still held a pointer to that device. If a sus...

CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2023-53388 drm/mediatek: Clean dangling pointer on bind error path

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

CVE-2022-50391 mm/mempolicy: fix memory leak in set_mempolicy_home_node system call

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...

CVE-2022-50391 mm/mempolicy: fix memory leak in set_mempolicy_home_node system call

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...

CVE-2022-50391 mm/mempolicy: fix memory leak in set_mempolicy_home_node system call

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...