VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4

Vulnerabilities (2,888)

  • CVE-2022-48825MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stag_work to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work. WARNING: CPU: 8 PID

  • CVE-2022-48824MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fix crash in error case In myrs_detect(), cs->disable_intr is NULL when privdata->hw_init() fails with non-zero. In this case, myrs_cleanup(cs) will call a NULL ptr and crash the kernel. [ 1.105

  • CVE-2022-48823MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. [ 974.309060] [0000:00:00.0]:[qedf_eh_device_reset:868]: 1:0:2:0: LUN RESET Issued... [ 9

  • CVE-2022-48822HigJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: usb: f_fs: Fix use-after-free for epfile Consider a case where ffs_func_eps_disable is called from ffs_func_disable as part of composition switch and at the same time ffs_epfile_release get called from userspac

  • CVE-2022-48821HigJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFF ioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact, dma_buf_fd(

  • CVE-2022-48820HigJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable() This error path needs to decrement "usbphyc->n_pll_cons.counter" before returning.

  • CVE-2022-48818MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using

  • CVE-2022-48817MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus usin

  • CVE-2022-48816MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against ->sock changing during sysfs read ->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. C

  • CVE-2022-48815MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcm_sf2: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using de

  • CVE-2022-48814MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus usi

  • CVE-2022-48813MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devr

  • CVE-2022-48812MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres") 5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus usi

  • CVE-2022-48811MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state, it calls release_resources() which frees the napi structures needlessly. Instead, have __

  • CVE-2022-48807MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler Currently, the same handler is called for both a NETDEV_BONDING_INFO LAG unlink notification as for a NETDEV_UNREGISTER call. This is causing a problem tho

  • CVE-2022-48806MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX Commit effa453168a7 ("i2c: i801: Don't silently correct invalid transfer size") revealed that ee1004_eeprom_read() did not properly limit how many bytes to

  • CVE-2022-48805HigJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup ax88179_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The m

  • CVE-2022-48804MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: vt_ioctl: fix array_index_nospec in vt_setactivate array_index_nospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer

  • CVE-2022-48803MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: Fix missing sentinel for clk_div_table _get_table_maxdiv() tries to access "clk_div_table" array out of bound defined in phy-j721e-wiz.c. Add a sentinel entry to prevent the following global-out-of-bou

  • CVE-2022-48802MedJul 16, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: fs/proc: task_mmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 4392

Page 94 of 145