rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50077 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix reference count leak in aa_pivotroot() The aa_pivotroot() function has a reference counting bug in a specific path. When aa_replace_current_label() returns on success, the function forgets to decr | |
| CVE-2022-50076 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 (size 64): comm "xfs_io", pid 1284, jiffies 4294777434 (age 20.789s) hex | |
| CVE-2022-50074 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aa_simple_write_to_buffer() When copy_from_user failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfree(data) caus | |
| CVE-2022-50073 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tap_get_user calls virtio_net_hdr_to_skb the skb->dev is nu | |
| CVE-2022-50072 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by t | |
| CVE-2022-50068 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix dummy res NULL ptr deref bug Check the bo->resource value before accessing the resource mem_type. v2: Fix commit description unwrapped warning [ 40.191227][ T184] general protection | |
| CVE-2022-50067 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t | |
| CVE-2022-50066 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range | |
| CVE-2022-50065 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new | |
| CVE-2022-50062 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: bgmac: Fix a BUG triggered by wrong bytes_compl On one of our machines we got: kernel BUG at lib/dynamic_queue_limits.c:27! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM CPU: 0 PID: 1166 Comm: irq/41 | |
| CVE-2022-50061 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_ | |
| CVE-2022-50060 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is | |
| CVE-2022-50059 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwsem is held and the function is expected to release it before returning. It currently fails to do | |
| CVE-2022-50055 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration | |
| CVE-2022-50054 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix NULL pointer dereference in iavf_get_link_ksettings Fix possible NULL pointer dereference, due to freeing of adapter->vf_res in iavf_init_get_resources. Previous commit introduced a regression, where | |
| CVE-2022-50053 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavf_close in iavf_reset_task error handling. Doing so can lead to double call of napi_disable, which can lead to deadlock there. Removing VF would lead to iavf_remove | |
| CVE-2022-50052 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow | |
| CVE-2022-50051 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflo | |
| CVE-2022-50050 | Hig | 7.8 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer ov | |
| CVE-2022-50049 | Med | 5.5 | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcm_add_paths(), it doesn't check whether the picked BE actually supports for the given stream direction. Due to t |
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix reference count leak in aa_pivotroot() The aa_pivotroot() function has a reference counting bug in a specific path. When aa_replace_current_label() returns on success, the function forgets to decr
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 (size 64): comm "xfs_io", pid 1284, jiffies 4294777434 (age 20.789s) hex
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aa_simple_write_to_buffer() When copy_from_user failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfree(data) caus
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tap_get_user calls virtio_net_hdr_to_skb the skb->dev is nu
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by t
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix dummy res NULL ptr deref bug Check the bo->resource value before accessing the resource mem_type. v2: Fix commit description unwrapped warning [ 40.191227][ T184] general protection
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: net: bgmac: Fix a BUG triggered by wrong bytes_compl On one of our machines we got: kernel BUG at lib/dynamic_queue_limits.c:27! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM CPU: 0 PID: 1166 Comm: irq/41
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix mcam entry resource leak The teardown sequence in FLR handler returns if no NIX LF is attached to PF/VF because it indicates that graceful shutdown of resources already happened. But there is
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwsem is held and the function is expected to release it before returning. It currently fails to do
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix NULL pointer dereference in iavf_get_link_ksettings Fix possible NULL pointer dereference, due to freeing of adapter->vf_res in iavf_init_get_resources. Previous commit introduced a regression, where
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavf_close in iavf_reset_task error handling. Doing so can lead to double call of napi_disable, which can lead to deadlock there. Removing VF would lead to iavf_remove
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflo
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer ov
- affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcm_add_paths(), it doesn't check whether the picked BE actually supports for the given stream direction. Due to t
Page 58 of 236