rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (4,709)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49917 | Hig | 7.8 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file | |
| CVE-2022-49916 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rose_send_frame() The syzkaller reported an issue: KASAN: null-ptr-deref in range [0x0000000000000380-0x0000000000000387] CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted 6 | |
| CVE-2022-49915 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device() | |
| CVE-2022-49910 | Hig | 7.8 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Fix the race condition between the following two flows that run in parallel: 1. l2cap_reassemble_sdu -> chan->ops->recv (l2cap_sock_recv_cb) | |
| CVE-2022-49908 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix memory leak in vhci_write Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810d81ac00 (size 240): [...] hex | |
| CVE-2022-49906 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 ("ibmvnic: retry reset if there are no other resets" | |
| CVE-2022-49905 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible leaked pernet namespace in smc_init() In smc_init(), register_pernet_subsys(&smc_net_stat_ops) is called without any error handling. If it fails, registering of &smc_net_ops won't be rever | |
| CVE-2022-49902 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: block: Fix possible memory leak for rq_wb on add_disk failure kmemleak reported memory leaks in device_add_disk(): kmemleak: 3 new suspected memory leaks unreferenced object 0xffff88800f420800 (size 512): c | |
| CVE-2022-49901 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blk_mq_init_allocated_queue There is a kmemleak caused by modprobe null_blk.ko unreferenced object 0xffff8881acb1f000 (size 1024): comm "modprobe", pid 836, jiffies 4294971190 (age 27 | |
| CVE-2022-49900 | Hig | 7.8 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix adapter not be removed in piix4_remove() In piix4_probe(), the piix4 adapter will be registered in: piix4_probe() piix4_add_adapters_sb800() / piix4_add_adapter() i2c_add_adapter | |
| CVE-2022-49892 | Hig | 7.8 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftrace_ops KASAN reported a use-after-free with ftrace ops [1]. It was found from vmcore that perf had registered two ops with the same content successively, both dynamic. | |
| CVE-2022-49891 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() test_gen_kprobe_cmd() only free buf in fail path, hence buf will leak when there is no failure. Move kfree(buf) from fail path to common path | |
| CVE-2022-49890 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: capabilities: fix potential memleak on error path from vfs_getxattr_alloc() In cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to complete the memory allocation of tmpbuf, if we have completed the mem | |
| CVE-2022-49889 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() On some machines the number of listed CPUs may be bigger than the actual CPUs that exist. The tracing subsystem allocates a per_cpu directory | |
| CVE-2022-49888 | Hig | 7.8 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler() function is called when handling debug exceptions (and synchronous exceptions from BRK instructions), and so is called when a | |
| CVE-2022-49887 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called. | |
| CVE-2022-49886 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Panic on bad configs that #VE on "private" memory access All normal kernel memory is "TDX private memory". This includes everything from kernel stacks to kernel text. Handling exceptions on arbitrary | |
| CVE-2022-49885 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc() to fail. The overflow happens in ghes_estatus_pool | |
| CVE-2022-49881 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_now | |
| CVE-2022-49880 | Med | 5.5 | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block re |
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ip_vs_app_net_cleanup() During the initialization of ip_vs_app_net_init(), if file ip_vs_app fails to be created, the initialization is successful by default. Therefore, the ip_vs_app file
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rose_send_frame() The syzkaller reported an issue: KASAN: null-ptr-deref in range [0x0000000000000380-0x0000000000000387] CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted 6
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, add put_device()
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Fix the race condition between the following two flows that run in parallel: 1. l2cap_reassemble_sdu -> chan->ops->recv (l2cap_sock_recv_cb)
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix memory leak in vhci_write Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810d81ac00 (size 240): [...] hex
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 ("ibmvnic: retry reset if there are no other resets"
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible leaked pernet namespace in smc_init() In smc_init(), register_pernet_subsys(&smc_net_stat_ops) is called without any error handling. If it fails, registering of &smc_net_ops won't be rever
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: block: Fix possible memory leak for rq_wb on add_disk failure kmemleak reported memory leaks in device_add_disk(): kmemleak: 3 new suspected memory leaks unreferenced object 0xffff88800f420800 (size 512): c
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blk_mq_init_allocated_queue There is a kmemleak caused by modprobe null_blk.ko unreferenced object 0xffff8881acb1f000 (size 1024): comm "modprobe", pid 836, jiffies 4294971190 (age 27
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix adapter not be removed in piix4_remove() In piix4_probe(), the piix4 adapter will be registered in: piix4_probe() piix4_add_adapters_sb800() / piix4_add_adapter() i2c_add_adapter
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftrace_ops KASAN reported a use-after-free with ftrace ops [1]. It was found from vmcore that perf had registered two ops with the same content successively, both dynamic.
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd() test_gen_kprobe_cmd() only free buf in fail path, hence buf will leak when there is no failure. Move kfree(buf) from fail path to common path
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: capabilities: fix potential memleak on error path from vfs_getxattr_alloc() In cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to complete the memory allocation of tmpbuf, if we have completed the mem
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() On some machines the number of listed CPUs may be bigger than the actual CPUs that exist. The tracing subsystem allocates a per_cpu directory
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler() function is called when handling debug exceptions (and synchronous exceptions from BRK instructions), and so is called when a
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called.
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Panic on bad configs that #VE on "private" memory access All normal kernel memory is "TDX private memory". This includes everything from kernel stacks to kernel text. Handling exceptions on arbitrary
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc() to fail. The overflow happens in ghes_estatus_pool
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_now
- affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block re
Page 68 of 236