suse/kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

Vulnerabilities (2,310)

• CVE-2022-49381Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2_do_fill_super If jffs2_iget() or d_make_root() in jffs2_do_fill_super() returns an error, we can observe the following kmemleak report: -----------------------------------------

• CVE-2022-49379Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction Mounting NFS rootfs was timing out when deferred_probe_timeout was non-zero [1]. This was because ip_auto_config() initcall times o

• CVE-2022-49378Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efx_separate_tx_channels=1 is used. In that cases, some channels only have RX

• CVE-2022-49377Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx blk_mq_run_hw_queues() could be run when there isn't queued request and after queue is cleaned up, at that time tagset is freed, because tagset lifetime is cov

• CVE-2022-49376Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sd_probe() sees an early error before sdkp->device is initialized, sd_zbc_release_disk() is called. This causes a NULL pointer dereference when sd_is_zoned()

• CVE-2022-49375Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

• CVE-2022-49373Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in some e

• CVE-2022-49371Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedule_dev(__device_attach_asy

• CVE-2022-49370Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add() If this function returns an error,

• CVE-2022-49368Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() The "fsp->location" variable comes from user via ethtool_get_rxnfc(). Check that it is valid to prevent an out of bounds read.

• CVE-2022-49367Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. mv88e6xxx_mdio_register(

• CVE-2022-49365Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Off by one in dm_dmub_outbox1_low_irq() The > ARRAY_SIZE() should be >= ARRAY_SIZE() to prevent an out of bounds access.

• CVE-2022-49362Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix potential use-after-free in nfsd_file_put() nfsd_file_put_noref() can free @nf, so don't dereference @nf immediately upon return from nfsd_file_put_noref().

• CVE-2022-49359Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Job should reference MMU not file_priv For a while now it's been allowed for a MMU context to outlive it's corresponding panfrost_priv, however the job structure still references panfrost_priv to

• CVE-2022-49357Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occ

• CVE-2022-49356Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svc_rdma_build_writes() from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been

• CVE-2022-49354Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe of_find_device_by_node() takes reference, we should use put_device() to release it when not need anymore. Add missing put_device() to avoid refcount lea

• CVE-2022-49353Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/papr_scm: don't requests stats with '0' sized stats buffer Sachin reported [1] that on a POWER-10 lpar he is seeing a kernel panic being reported with vPMEM when papr_scm probe is being called. The pani

• CVE-2022-49352Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4_handle_inode_extension We got issue as follows: EXT4-fs error (device loop0) in ext4_reserve_inode_write:5741: Out of memory EXT4-fs error (device loop0): ext4_setattr:5462: inode #13:

• CVE-2022-49351Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: net: altera: Fix refcount leak in altera_tse_mdio_create Every iteration of for_each_child_of_node() decrements the reference count of the previous node. When break from a for_each_child_of_node() loop, we need