suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.1

Vulnerabilities (1,638)

• CVE-2022-49212Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init The reference counting issue happens in several error handling paths on a refcounted object "nc->dmac". In these paths, the function simply

• CVE-2022-49206Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xa_insert() fails, the obj_event is not released. Fix the error unwind flow to free that memory to avoid a memory leak.

• CVE-2022-49201Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: ibmvnic: fix race between xmit and reset There is a race between reset and the transmit paths that can lead to ibmvnic_xmit() accessing an scrq after it has been freed in the reset path. It can result in a cras

• CVE-2022-49200Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt Fix the following kernel oops in btmtksdio_interrrupt [ 14.339134] btmtksdio_interrupt+0x28/0x54 [ 14.339139] process_sdio_pending_irqs+0x68/0

• CVE-2022-49196Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix use after free in remove_phb_dynamic() In remove_phb_dynamic() we use &phb->io_resource, after we've called device_unregister(&host_bridge->dev). But the unregister may have freed phb, beca

• CVE-2022-49189Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as (2/3) and the final D value calculated results in underflow

• CVE-2022-49185Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak.

• CVE-2022-49175Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in device_pm_check_callbacks() The function device_pm_check_callbacks() can be called under the spin lock (in the reported case it happens from genpd_add_device() -> dev_pm_domain_set()

• CVE-2022-49164Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption Commit cf13435b730a ("powerpc/tm: Fix userspace r13 corruption") fixes a problem in treclaim where a SLB miss can occur on the thread_struct->ckpt_regs while SCRATC

• CVE-2022-49162Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: video: fbdev: sm712fb: Fix crash in smtcfb_write() When the sm712fb driver writes three bytes to the framebuffer, the driver will crash: BUG: unable to handle page fault for address: ffffc90001ffffff R

• CVE-2022-49160Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash during module load unload test During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry. System crashed with the follo

• CVE-2022-49159Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement ref count for SRB The timeout handler and the done function are racing. When qla2x00_async_iocb_timeout() starts to run it can be preempted by the normal response path (via the firmware

• CVE-2022-49158Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix warning message due to adisc being flushed Fix warning message due to adisc being flushed. Linux kernel triggered a warning message where a different error code type is not matching up with

• CVE-2022-49157Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS

• CVE-2022-49156Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer (fc_remote_port_delete) which can put the thread to sleep. The thread that originates the call is in interrupt context. The combi

• CVE-2022-49155Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() [ 12.323788] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-udevd/1020 [ 12.332297] caller is qla2xxx_create_qpair+0x3

• CVE-2022-49153Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenced object 0xffff8881191fc040 (size 232): comm "kworker/u17:0", pid 23193, jiffies 4295238848 (age 3464.870s)

• CVE-2022-49151Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: properly check endpoint type Syzbot reported warning in usb_submit_urb() which is caused by wrong endpoint type. We should check that in endpoint is actually present to prevent this warning. Fou

• CVE-2022-49145Feb 26, 2025
  affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

  In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field in the _CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may n

• CVE-2022-49139Feb 26, 2025
  affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt This event is just specified for SCO and eSCO link types. On the reception of a HCI_Synchronous_Connection_Complete for a BDADDR of an existing LE con