rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48698 | Med | 5.3 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dp | |
| CVE-2022-48697 | Med | 5.3 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607 | |
| CVE-2022-48694 | Hig | 7.8 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix | |
| CVE-2022-48693 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks (2) we need to add | |
| CVE-2022-48692 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereferenc | |
| CVE-2022-48691 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clean up hook list when offload flags check fails splice back the hook list so nft_chain_release_hook() has a chance to release the hooks. BUG: memory leak unreferenced object 0xffff88810 | |
| CVE-2022-48689 | Hig | 7.0 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report [1] showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or othe | |
| CVE-2022-48688 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b | |
| CVE-2022-48687 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through | |
| CVE-2022-48686 | Hig | 7.8 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sy | |
| CVE-2022-48675 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by using mmput_async(). From the below call trace [1] can see that calling mmput() once we have the umem_odp->umem | |
| CVE-2022-48674 | Hig | 7.8 | < 5.14.21-150500.55.88.1 | 5.14.21-150500.55.88.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-aft | |
| CVE-2022-48673 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed with WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not wait for | |
| CVE-2022-48672 | Hig | 7.8 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which m | |
| CVE-2022-48671 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgro | |
| CVE-2024-27389 | Med | 5.5 | < 5.14.21-150500.55.62.2 | 5.14.21-150500.55.62.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0 | |
| CVE-2024-27388 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. | |
| CVE-2024-27079 | Med | 5.5 | < 5.14.21-150500.55.80.2 | 5.14.21-150500.55.80.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle | |
| CVE-2024-27078 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleak | |
| CVE-2024-27077 | Med | 5.5 | < 5.14.21-150500.55.68.1 | 5.14.21-150500.55.68.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_entity but isn't freed in its following error-handling paths. This patch adds such d |
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dp
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks (2) we need to add
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereferenc
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clean up hook list when offload flags check fails splice back the hook list so nft_chain_release_hook() has a chance to release the hooks. BUG: memory leak unreferenced object 0xffff88810
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report [1] showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or othe
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sy
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by using mmput_async(). From the below call trace [1] can see that calling mmput() once we have the umem_odp->umem
- affected < 5.14.21-150500.55.88.1fixed 5.14.21-150500.55.88.1
In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIG_SMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-aft
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed with WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not wait for
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which m
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgro
- affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.
- affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleak
- affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_entity but isn't freed in its following error-handling paths. This patch adds such d
Page 198 of 236