58583 matches found
SUSE CVE-2023-53378
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Treat the DPT BO as a framebuffer Currently i915gemobjectisframebuffer doesn't treat the BO containing the framebuffer's DPT as a framebuffer itself. This means eg. that the shrinker can evict the DPT BO while leavi...
SUSE CVE-2023-53379
In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvousbprobe Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvousbprobe warn: missing unwind goto? After geting irq, if ret 0, it will return without error handling to free memory. Just ad...
SUSE CVE-2023-53381
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix leaked reference count of nfsd4sscumountitem The reference count of nfsd4sscumountitem is not decremented on error conditions. This prevents the laundromat from unmounting the vfsmount of the source file. This patch...
SUSE CVE-2023-53382
In the Linux kernel, the following vulnerability has been resolved: net/smc: Reset connection when trying to use SMCRv2 fails. We found a crash when using SMCRv2 with 2 Mellanox ConnectX-4. It can be reproduced by: - smcrun nginx - smcrun wrk -t 32 -c 500 -d 30 http://: BUG: kernel NULL pointer...
SUSE CVE-2023-53383
In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received simultaneously from different...
SUSE CVE-2023-53384
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiexhandleuaprxforward', always check the value returned by 'skbcopy' to avoid potential NULL pointer dereference in 'mwifiexuapqueuebridgedpkt', and drop original...
SUSE CVE-2023-53385
In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fix resource leaks in offinddevicebynode Use putdevice to release the object get through offinddevicebynode, avoiding resource leaks...
SUSE CVE-2023-53386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 "Bluetooth: Fix use-after-free in hciremoveltk/hciremoveirk". We can not access k after kfreercu call...
SUSE CVE-2023-53389
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached The MediaTek DisplayPort interface bridge driver starts its interrupts as soon as its probed. However when the interrupts trigger the bridge might not have been...
SUSE CVE-2023-53391
In the Linux kernel, the following vulnerability has been resolved: shmem: use ramfskillsb for killsb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfsinitfscontext for the initfscontext method, which allocates fc-sfsinfo, use ramfskillsb to free it and avoid a memory leak...
SUSE CVE-2023-53392
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix kernel panic during warm reset During warm reset device-fwclient is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerated by ISHTP, kernel panic...
SUSE CVE-2023-53393
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to use the correct counters, but, portnum is being passed down the stack...
SUSE CVE-2023-53395
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of...
SUSE CVE-2023-53397
In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in isexecutablesection The comparison should be = to prevent an out of bounds array access...
SUSE CVE-2023-53398
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix possible ptp queue fifo use-after-free Fifo indexes are not checked during pop operations and it leads to potential use-after-free when poping from empty queue. Such case was possible during re-sync action. WARNONONCE...
SUSE CVE-2023-53399
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL pointer dereference in smb2getinfofilesystem If share is , share-path is NULL and it cause NULL pointer dereference issue...
SUSE CVE-2023-53400
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As a workaround, extend for t...
SUSE CVE-2023-53401
In the Linux kernel, the following vulnerability has been resolved: mm: kmem: fix a NULL pointer dereference in objstockflushrequired KCSAN found an issue in objstockflushrequired: stock-cachedobjcg can be reset between the check and dereference:...
SUSE CVE-2023-53402
In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...
SUSE CVE-2023-53403
In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
SUSE CVE-2023-53404
In the Linux kernel, the following vulnerability has been resolved: USB: fotg210: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
SUSE CVE-2023-53406
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa25xudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremov...
SUSE CVE-2023-53407
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa27xudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremov...
SUSE CVE-2023-53408
In the Linux kernel, the following vulnerability has been resolved: trace/blktrace: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instea...
SUSE CVE-2023-53409
In the Linux kernel, the following vulnerability has been resolved: drivers: base: component: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call...
SUSE CVE-2023-53410
In the Linux kernel, the following vulnerability has been resolved: USB: ULPI: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...
SUSE CVE-2023-53411
In the Linux kernel, the following vulnerability has been resolved: PM: EM: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead which...
SUSE CVE-2023-53412
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: bcm63xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
SUSE CVE-2023-53413
In the Linux kernel, the following vulnerability has been resolved: USB: isp116x: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
SUSE CVE-2023-53414
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
SUSE CVE-2023-53415
In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...
SUSE CVE-2023-53417
In the Linux kernel, the following vulnerability has been resolved: USB: sl811: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
SUSE CVE-2023-53418
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
SUSE CVE-2023-53419
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...
SUSE CVE-2023-53420
In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfslistxattr Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: slab-out-of-bounds in ntfslistxattr+0x401/0x5...
SUSE CVE-2023-53421
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
SUSE CVE-2023-53422
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fw: fix memory leak in debugfs Fix a memory leak that occurs when reading the fwinfo file all the way, since we return NULL indicating no more data, but don't free the status tracking object...
SUSE CVE-2023-53423
In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in createstaticcallsections strdup allocates memory for keyname. We need to release the memory in the following error paths. Add free to avoid memory leak...
SUSE CVE-2023-53424
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix ofiomap memory leak Smatch reports: drivers/clk/mediatek/clk-mtk.c:583 mtkclksimpleprobe warn: 'base' from ofiomap not released on lines: 496. This problem was also found in linux-next. In mtkclksimpleprobe, ba...
SUSE CVE-2023-53427
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery work not initialized and list not cleared. Then will be warning and UAF when release the MR: WARNING: CPU: 4 PID: 824 at...
SUSE CVE-2023-53428
In the Linux kernel, the following vulnerability has been resolved: powercap: armscmi: Remove recursion while parsing zones Powercap zones can be defined as arranged in a hierarchy of trees and when registering a zone with powercapregisterzone, the kernel powercap subsystem expects this to happen...
SUSE CVE-2023-53429
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in extentwritepage extentwritepage currenly sets PageError whenever any error happens, and the also checks for PageError to decide if to call error handling. This leads to very unclear responsibility...
SUSE CVE-2023-53431
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...
SUSE CVE-2023-53432
In the Linux kernel, the following vulnerability has been resolved: firewire: net: fix use after free in fwnetfinishincomingpacket The netifrx function frees the skb so we can't dereference it to save the skb-len...
SUSE CVE-2023-53433
In the Linux kernel, the following vulnerability has been resolved: net: add vlangetprotocolanddepth helper Before blamed commit, pskbmaypull was used instead of skbheaderpointer in vlangetprotocol and friends. Few callers depended on skb-head being populated with MAC header, syzbot caught one of...
SUSE CVE-2023-53434
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add custom memory copy implementation for i.MX DSP Cores The IRAM is part of the HiFi DSP. According to hardware specification only 32-bits write are allowed otherwise we get a Kernel panic. Therefore add...
SUSE CVE-2023-53436
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...
SUSE CVE-2023-53437
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...
SUSE CVE-2023-53438
In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC is delivered for poison consumption errors. Therefore,...
SUSE CVE-2023-53439
In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...