rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50137 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdma_cq_free_rsrc(). Fix this by moving the call to irdma_cq_free_rsrc | |
| CVE-2022-50136 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IW_CM_EVENT_CONNECT_REPLY | |
| CVE-2022-50135 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup The function rxe_create_qp calls rxe_qp_from_init. If some error occurs, the error handler of function rxe_qp_from_init will set both scq and rcq to | |
| CVE-2022-50134 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setup_base_ctxt() setup_base_ctxt() allocates a memory chunk for uctxt->groups with hfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt->groups is not releas | |
| CVE-2022-50133 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: xhci_plat_remove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a ("usb: host: xhci-plat: omit shared hcd if either root hub has no ports") xhci->shared_hcd can be NULL, which | |
| CVE-2022-50132 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() If 'ep' is NULL, result of ep_to_cdns3_ep(ep) is invalid pointer and its dereference with priv_ep->cdns3_d | |
| CVE-2022-50131 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() Smatch Warning: drivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy() '&mcp->txbuf[5]' too small (59 vs 255) drivers/hid/hid-mcp2221.c:38 | |
| CVE-2022-50129 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srpt_port from regular members into pointers. Allocate the LIO port data structures from inside srpt_make_tport() and free these from in | |
| CVE-2022-50127 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req(). If an | |
| CVE-2022-50126 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_data == NULL' in jbd2_journal_dirty_metadata(): jbd2_journal_ | |
| CVE-2022-50125 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing o | |
| CVE-2022-50124 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod | |
| CVE-2022-50121 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init Every iteration of for_each_available_child_of_node() decrements the reference count of the previous node. When breaking early from a for_each_avail | |
| CVE-2022-50120 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. This function has | |
| CVE-2022-50118 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable commit 2c9ac51b850d ("powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC | |
| CVE-2022-50117 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op (e.g. set_state/get_state) and accordingly calls its op. However, currently mlx5 driver sets the above | |
| CVE-2022-50116 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. T | |
| CVE-2022-50115 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol->ipc_control_data is freed up, b | |
| CVE-2022-50112 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. | |
| CVE-2022-50111 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6359: Fix refcount leak bug In mt6359_parse_dt() and mt6359_accdet_parse_dt(), we should call of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount. |
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdma_cq_free_rsrc(). Fix this by moving the call to irdma_cq_free_rsrc
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IW_CM_EVENT_CONNECT_REPLY
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup The function rxe_create_qp calls rxe_qp_from_init. If some error occurs, the error handler of function rxe_qp_from_init will set both scq and rcq to
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setup_base_ctxt() setup_base_ctxt() allocates a memory chunk for uctxt->groups with hfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt->groups is not releas
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: usb: xhci_plat_remove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a ("usb: host: xhci-plat: omit shared hcd if either root hub has no ports") xhci->shared_hcd can be NULL, which
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() If 'ep' is NULL, result of ep_to_cdns3_ep(ep) is invalid pointer and its dereference with priv_ep->cdns3_d
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() Smatch Warning: drivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy() '&mcp->txbuf[5]' too small (59 vs 255) drivers/hid/hid-mcp2221.c:38
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srpt_port from regular members into pointers. Allocate the LIO port data structures from inside srpt_make_tport() and free these from in
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req(). If an
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_data == NULL' in jbd2_journal_dirty_metadata(): jbd2_journal_
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing o
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init Every iteration of for_each_available_child_of_node() decrements the reference count of the previous node. When breaking early from a for_each_avail
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. This function has
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable commit 2c9ac51b850d ("powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op (e.g. set_state/get_state) and accordingly calls its op. However, currently mlx5 driver sets the above
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. T
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol->ipc_control_data is freed up, b
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done.
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6359: Fix refcount leak bug In mt6359_parse_dt() and mt6359_accdet_parse_dt(), we should call of_node_put() for the reference returned by of_get_child_by_name() which has increased the refcount.
Page 56 of 236