rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50318 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count | |
| CVE-2022-50317 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general | |
| CVE-2022-50312 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. | |
| CVE-2022-50309 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod | |
| CVE-2022-50308 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference. | |
| CVE-2022-50303 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfd_process_device_init_vm returns failure after vm is converted to compute vm and vm->pasid set to compute pasid, KFD will not take pdd->drm_file reference. As a | |
| CVE-2022-50301 | Hig | 7.8 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix buffer overflow in debugfs There are two issues here: 1) The "len" variable needs to be checked before the very first write. Otherwise if omap2_iommu_dump_ctx() with "bytes" less than 32 it | |
| CVE-2022-50299 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf() returns the number of char | |
| CVE-2022-50298 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd: cleanup in probe error path Add proper error path in probe() to cleanup resources previously acquired/allocated to fix warnings visible during probe deferral: notifier callback qcom_slim_n | |
| CVE-2022-50297 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. (In this case there was an interrupt endpoint where the | |
| CVE-2022-50294 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path. | |
| CVE-2022-50292 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix bridge lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggre | |
| CVE-2022-50289 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_stack_glue_init() ocfs2_table_header should be free in ocfs2_stack_glue_init() if ocfs2_sysfs_init() failed, otherwise kmemleak will report memleak. BUG: memory leak unreference | |
| CVE-2022-50288 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure adapter->dcb would get silently freed inside qlcnic_dcb_enable() in case qlcnic_dcb_attach() would return an error, which always happens under | |
| CVE-2022-50287 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs When (size != 0 || ptrs->lvds_ entries != 3), the program tries to free() the ptrs. However, the ptrs is not created by calling kzmalloc(), but is obta | |
| CVE-2022-50286 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline When converting files with inline data to extents, delayed allocations made on a file system created with both the bigalloc and inline o | |
| CVE-2022-50282 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdev_device_add() While doing fault injection test, I got the following report: ------------[ cut here ]------------ kobject: '(null)' (0000000039956980): is not initialized, yet | |
| CVE-2022-50280 | Med | 5.5 | < 5.14.21-150500.55.130.3 | 5.14.21-150500.55.130.3 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source The propagate_mnt() function handles mount propagation when creating mounts and propagates the source mount tree @source_mnt to all applicable nodes of the destination propag | |
| CVE-2022-50279 | Hig | 7.1 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KASAN: BUG: KASAN: global-out-of-bounds in _rtl8812ae_eq_n_byte.part.0+0x3d/0x8 | |
| CVE-2022-50278 | Med | 5.5 | < 5.14.21-150500.55.124.1 | 5.14.21-150500.55.124.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnp_alloc_dev() After commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, move dev_set_name() after pnp |
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly.
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfd_process_device_init_vm returns failure after vm is converted to compute vm and vm->pasid set to compute pasid, KFD will not take pdd->drm_file reference. As a
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix buffer overflow in debugfs There are two issues here: 1) The "len" variable needs to be checked before the very first write. Otherwise if omap2_iommu_dump_ctx() with "bytes" less than 32 it
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf() returns the number of char
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd: cleanup in probe error path Add proper error path in probe() to cleanup resources previously acquired/allocated to fix warnings visible during probe deferral: notifier callback qcom_slim_n
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. (In this case there was an interrupt endpoint where the
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path.
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix bridge lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggre
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_stack_glue_init() ocfs2_table_header should be free in ocfs2_stack_glue_init() if ocfs2_sysfs_init() failed, otherwise kmemleak will report memleak. BUG: memory leak unreference
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure adapter->dcb would get silently freed inside qlcnic_dcb_enable() in case qlcnic_dcb_attach() would return an error, which always happens under
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs When (size != 0 || ptrs->lvds_ entries != 3), the program tries to free() the ptrs. However, the ptrs is not created by calling kzmalloc(), but is obta
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline When converting files with inline data to extents, delayed allocations made on a file system created with both the bigalloc and inline o
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdev_device_add() While doing fault injection test, I got the following report: ------------[ cut here ]------------ kobject: '(null)' (0000000039956980): is not initialized, yet
- affected < 5.14.21-150500.55.130.3fixed 5.14.21-150500.55.130.3
In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source The propagate_mnt() function handles mount propagation when creating mounts and propagates the source mount tree @source_mnt to all applicable nodes of the destination propag
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KASAN: BUG: KASAN: global-out-of-bounds in _rtl8812ae_eq_n_byte.part.0+0x3d/0x8
- affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1
In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnp_alloc_dev() After commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, move dev_set_name() after pnp
Page 46 of 236