suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

Vulnerabilities (1,483)

• CVE-2022-49989Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix error exit of privcmd_ioctl_dm_op() The error exit of privcmd_ioctl_dm_op() is calling unlock_pages() potentially with pages being NULL, leading to a NULL dereference. Additionally lock_pages(

• CVE-2022-49987Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: md: call __md_stop_writes in md_stop From the link [1], we can see raid1d was running even after the path raid_dtr -> md_stop -> __md_stop. Let's stop write first in destructor to align with normal md-raid to

• CVE-2022-49986Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq storvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it doesn't need to make forward progress under memory pressure. Marking this work

• CVE-2022-49985Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-

• CVE-2022-49984Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report It is possible for a malicious device to forgo submitting a Feature Report. The HID Steam driver presently makes no prevision for this a

• CVE-2022-49981Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidraw_release() Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 (size 32): comm "softirq", pid 0, jiffies 42

• CVE-2022-49980Jun 18, 2025
  affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------

• CVE-2022-49978Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: fbdev: fb_pm2fb: Avoid potential divide by zero error In `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be copied from user, then go through `fb_set_var()` and `info->fbops->fb_check_var()`

• CVE-2022-49977Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_ops_list when ftrace_startup_enable fails: register_ftrace_function ftrace_star

• CVE-2022-49968Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: ieee802154/adf7242: defer destroy_workqueue call There is a possible race condition (use-after-free) like below (FREE) | (USE) adf7242_remove | adf7242_channel cancel_d

• CVE-2022-49956Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delet

• CVE-2022-49954Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag syzbot is reporting hung task at __input_unregister_device() [1], for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is

• CVE-2022-49952Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on probe Add the missing sanity check on the probed-session count to avoid corrupting memory beyond the fixed-size slab-allocated session array when there are more than FAST

• CVE-2022-49950Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-

• CVE-2022-49948Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new s

• CVE-2022-49945Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (gpio-fan) Fix array out of bounds access The driver does not check if the cooling state passed to gpio_fan_set_cur_state() exceeds the maximum cooling state as stored in fan_data->num_speeds. Since the

• CVE-2022-49942Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel "switch" announcement doesn't make any sense. The BSS list is empty in that case

• CVE-2022-49937Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------[ cut here ]------------ usb 6-1: BOGUS control dir, pi

• CVE-2022-49936Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking det

• CVE-2022-49934Jun 18, 2025
  affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF is observed when the scan is completed and __ieee80211_scan_completed() executes,