VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP4-LTSS

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS

Vulnerabilities (2,830)

  • CVE-2022-50435Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets truncated

  • CVE-2022-50434Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 (size 512): comm "insmod", pid 308021, jiffies 4324277909

  • CVE-2022-50432Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in __kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns() for the same file resulting in a KASAN detected use-after-free. The race occurs when the

  • CVE-2022-50431Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() dev_set_name() in soundbus_add_one() allocates memory for name, it need be freed when of_device_register() fails, call soundbus_dev_put() to give

  • CVE-2022-50430Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING vub300_enable_sdio_irq() works with mutex and need TASK_RUNNING here. Ensure that we mark current as TASK_RUNNING for sleepable context. [

  • CVE-2022-50429Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.

  • CVE-2022-50428Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, t

  • CVE-2022-50427Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() If device_register() fails in snd_ac97_dev_register(), it should call put_device() to give up reference, or the name allocated in dev_set_name() i

  • CVE-2022-50425Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from init_fpstate via copy_feature(). But, dy

  • CVE-2022-50423Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82 Read of size 1 at addr ffff8

  • CVE-2022-50422Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() When executing SMP task failed, the smp_execute_task_sg() calls del_timer() to delete "slow_task->timer". However, if the timer handler sas_task_int

  • CVE-2025-39869Sep 23, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Fix a critical memory allocation bug in edma_setup_from_hw() where queue_priority_map was allocated with insufficient memory. The code decl

  • CVE-2025-39860HigSep 19, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() syzbot reported the splat below without a repro. In the splat, a single thread calling bt_accept_dequeue() freed sk and touched it after that. The

  • CVE-2023-53446Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci_dev of function 0. Previously we retained that pointer when removing function 0

  • CVE-2023-53443Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get_sync() will increase the refcnt even when it returns

  • CVE-2023-53440Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading to null pointer dereferences, use-after-free, and

  • CVE-2023-53438Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current AMD Zen-based systems do not guarantee a synchronous #MC is delivered for poison consumption errors. Ther

  • CVE-2023-53437Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link.

  • CVE-2023-53436Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to

  • CVE-2023-53435Sep 18, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of cas_init_one() cas_saturn_firmware_init() allocates some memory using vmalloc(). This memory is freed in the .remove() function but not it the error hand

Page 30 of 142