opensuse/kernel-default-base&distro=openSUSE Leap 15.5

Vulnerabilities (1,895)

• CVE-2022-48830Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage.

• CVE-2022-48826Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix deadlock on DSI device attach error DSI device attach to DSI host will be done with host device's lock held. Un-registering host in "device attach" error path (ex: probe retry) will result in dead

• CVE-2022-48825Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stag_work to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work. WARNING: CPU: 8 PID

• CVE-2022-48824Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fix crash in error case In myrs_detect(), cs->disable_intr is NULL when privdata->hw_init() fails with non-zero. In this case, myrs_cleanup(cs) will call a NULL ptr and crash the kernel. [ 1.105

• CVE-2022-48823Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. [ 974.309060] [0000:00:00.0]:[qedf_eh_device_reset:868]: 1:0:2:0: LUN RESET Issued... [ 9

• CVE-2022-48822Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: usb: f_fs: Fix use-after-free for epfile Consider a case where ffs_func_eps_disable is called from ffs_func_disable as part of composition switch and at the same time ffs_epfile_release get called from userspac

• CVE-2022-48821Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF ioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact, dma_buf_fd(

• CVE-2022-48820Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() This error path needs to decrement "usbphyc->n_pll_cons.counter" before returning.

• CVE-2022-48818Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using

• CVE-2022-48817Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus usin

• CVE-2022-48816Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against ->sock changing during sysfs read ->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. C

• CVE-2022-48815Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using de

• CVE-2022-48814Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus usi

• CVE-2022-48813Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devr

• CVE-2022-48812Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus usi

• CVE-2022-48811Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state, it calls release_resources() which frees the napi structures needlessly. Instead, have __

• CVE-2022-48810Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path ip[6]mr_free_table() can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c (10367) WARNING: CPU: 1 PID: 5890

• CVE-2022-48809Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: fix a memleak when uncloning an skb dst and its metadata When uncloning an skb dst and its associated metadata, a new dst+metadata is allocated and later replaces the old one in the skb. This is helpful to

• CVE-2022-48808Jul 16, 2024
  affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master (dpaa2-eth) is up, the following pan

• CVE-2022-48807Jul 16, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler Currently, the same handler is called for both a NETDEV_BONDING_INFO LAG unlink notification as for a NETDEV_UNREGISTER call. This is causing a problem tho