VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (2,888)

  • CVE-2022-49243MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount le

  • CVE-2022-49242MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and

  • CVE-2022-49241MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function on

  • CVE-2022-49239MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. Th

  • CVE-2022-49236HigFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btf_try_get_module and load_module While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the

  • CVE-2022-49235MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. In htc_connect_service() svc_meta_len and pad are not initialized. Based on code

  • CVE-2022-49232MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() In amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode() is assigned to mode and is passed to drm_mode_

  • CVE-2022-49227MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtool -G eth0 rx 1024 on igc triggers kernel warnings like this: [ 225.198467] ---

  • CVE-2022-49226MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asix_read_cmd() reads less bytes, than was requested by caller. Since al

  • CVE-2022-49224MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, k

  • CVE-2022-49222MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fix overflow issue on reading EDID The length of EDID block can be longer than 256 bytes, so we should use `int` instead of `u8` for the `edid_pos` variable.

  • CVE-2022-49221MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: populate connector of struct dp_panel DP CTS test case 4.2.2.6 has valid edid with bad checksum on purpose and expect DP source return correct checksum. During drm edid read, correct edid checksum i

  • CVE-2022-49218HigFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The link_status array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read, f

  • CVE-2022-49217MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xx_send_abort_all(), the n_elem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seein

  • CVE-2022-49216MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe The reference taken by 'of_find_device_by_node()' must be released when not needed anymore. Add put_device() call to fix this.

  • CVE-2022-49214MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 ("powerpc/mm: Show if a bad page fault on data is read or write.") we use page_fault_is_write(regs->dsisr) in __bad_page_fault() to determin

  • CVE-2022-49213MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10k_setup_msa_resources The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only cal

  • CVE-2022-49212MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init The reference counting issue happens in several error handling paths on a refcounted object "nc->dmac". In these paths, the function simply

  • CVE-2022-49208MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init() warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'

  • CVE-2022-49206MedFeb 26, 2025
    affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xa_insert() fails, the obj_event is not released. Fix the error unwind flow to free that memory to avoid a memory leak.

Page 72 of 145