suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.3

Vulnerabilities (3,027)

• CVE-2022-49216Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe The reference taken by 'of_find_device_by_node()' must be released when not needed anymore. Add put_device() call to fix this.

• CVE-2022-49214Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 ("powerpc/mm: Show if a bad page fault on data is read or write.") we use page_fault_is_write(regs->dsisr) in __bad_page_fault() to determin

• CVE-2022-49213Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10k_setup_msa_resources The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only cal

• CVE-2022-49212Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init The reference counting issue happens in several error handling paths on a refcounted object "nc->dmac". In these paths, the function simply

• CVE-2022-49208Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init() warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'

• CVE-2022-49206Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xa_insert() fails, the obj_event is not released. Fix the error unwind flow to free that memory to avoid a memory leak.

• CVE-2022-49201Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: ibmvnic: fix race between xmit and reset There is a race between reset and the transmit paths that can lead to ibmvnic_xmit() accessing an scrq after it has been freed in the reset path. It can result in a cras

• CVE-2022-49200Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt Fix the following kernel oops in btmtksdio_interrrupt [ 14.339134] btmtksdio_interrupt+0x28/0x54 [ 14.339139] process_sdio_pending_irqs+0x68/0

• CVE-2022-49199Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows.

• CVE-2022-49196Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix use after free in remove_phb_dynamic() In remove_phb_dynamic() we use &phb->io_resource, after we've called device_unregister(&host_bridge->dev). But the unregister may have freed phb, beca

• CVE-2022-49194Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Use stronger register read/writes to assure ordering GCC12 appears to be much smarter about its dependency tracking and is aware that the relaxed variants are just normal loads and stores and thi

• CVE-2022-49193Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: ice: fix 'scheduling while atomic' on aux critical err interrupt There's a kernel BUG splat on processing aux critical error interrupts in ice_misc_intr(): [ 2100.917085] BUG: scheduling while atomic: swapper/

• CVE-2022-49189Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as (2/3) and the final D value calculated results in underflow

• CVE-2022-49188Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region The device_node pointer is returned by of_parse_phandle() or of_get_child_by_name() with refcount incremented. We should use of_node_put() o

• CVE-2022-49187Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_hw_get_clk() when dev is NULL Any registered clk_core structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clk_register and cl

• CVE-2022-49185Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak.

• CVE-2022-49182Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list lock to protect vlan list When adding port base VLAN, vf VLAN need to remove from HW and modify the vlan state in vf VLAN list as false. If the periodicity task is freeing the same node

• CVE-2022-49180Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an inpu

• CVE-2022-49179Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq Our test report a UAF: [ 2073.019181] ================================================================== [ 2073.019188] BUG: KASAN: use-after-free in __bfq_put_async_bfqq+0xa0/0

• CVE-2022-49177Feb 26, 2025
  affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1

  In the Linux kernel, the following vulnerability has been resolved: hwrng: cavium - fix NULL but dereferenced coccicheck error Fix following coccicheck warning: ./drivers/char/hw_random/cavium-rng-vf.c:182:17-20: ERROR: pdev is NULL but dereferenced.