rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49478 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then | ||
| CVE-2022-49477 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it do | ||
| CVE-2022-49476 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash at mt7921_pci_remove The crash log shown it is possible that mt7921_irq_handler is called while devm_free_irq is being handled so mt76_free_device need to be postponed until devm_ | ||
| CVE-2022-49475 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. | ||
| CVE-2022-49474 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created | ||
| CVE-2022-49473 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_pu | ||
| CVE-2022-49472 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .prob | ||
| CVE-2022-49470 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event We should not access skb buffer data anymore after hci_recv_frame was called. [ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+ | ||
| CVE-2022-49468 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/core: Fix memory leak in __thermal_cooling_device_register() I got memory leak as follows when doing fault injection test: unreferenced object 0xffff888010080000 (size 264312): comm "182", pid 102533 | ||
| CVE-2022-49467 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo needs to be put when msm_gem_get_and_pin_iova fails. | ||
| CVE-2022-49466 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoi | ||
| CVE-2022-49465 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s | ||
| CVE-2022-49463 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_nod | ||
| CVE-2022-49462 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to | ||
| CVE-2022-49460 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 | ||
| CVE-2022-49459 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing. | ||
| CVE-2022-49458 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: don't free the IRQ if it was not requested As msm_drm_uninit() is called from the msm_drm_init() error path, additional care should be necessary as not to call the free_irq() for the IRQ that was not r | ||
| CVE-2022-49455 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree() | ||
| CVE-2022-49453 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better | ||
| CVE-2022-49451 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is curre |
- CVE-2022-49478Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then
- CVE-2022-49477Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it do
- CVE-2022-49476Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash at mt7921_pci_remove The crash log shown it is possible that mt7921_irq_handler is called while devm_free_irq is being handled so mt76_free_device need to be postponed until devm_
- CVE-2022-49475Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value.
- CVE-2022-49474Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created
- CVE-2022-49473Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_pu
- CVE-2022-49472Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .prob
- CVE-2022-49470Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event We should not access skb buffer data anymore after hci_recv_frame was called. [ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+
- CVE-2022-49468Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: thermal/core: Fix memory leak in __thermal_cooling_device_register() I got memory leak as follows when doing fault injection test: unreferenced object 0xffff888010080000 (size 264312): comm "182", pid 102533
- CVE-2022-49467Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo needs to be put when msm_gem_get_and_pin_iova fails.
- CVE-2022-49466Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoi
- CVE-2022-49465Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s
- CVE-2022-49463Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_nod
- CVE-2022-49462Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to
- CVE-2022-49460Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2
- CVE-2022-49459Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing.
- CVE-2022-49458Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm: don't free the IRQ if it was not requested As msm_drm_uninit() is called from the msm_drm_init() error path, additional care should be necessary as not to call the free_irq() for the IRQ that was not r
- CVE-2022-49455Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree()
- CVE-2022-49453Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better
- CVE-2022-49451Feb 26, 2025affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is curre
Page 86 of 116