rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Vulnerabilities (2,843)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50333 | Hig | 7.1 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor. | |
| CVE-2022-50331 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name( | |
| CVE-2022-50330 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect | |
| CVE-2022-50329 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first | |
| CVE-2022-50328 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head | |
| CVE-2022-50327 | Med | 5.5 | < 5.14.21-150400.24.184.1 | 5.14.21-150400.24.184.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje | |
| CVE-2022-50324 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a memory leak. [<miquel.raynal@bootlin.com>: Reword the commit log] | |
| CVE-2022-50321 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() The brcmf_netdev_start_xmit() returns NETDEV_TX_OK without freeing skb in case of pskb_expand_head() fails, add dev_kfree_skb() to fix it. | |
| CVE-2022-50320 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table which contains invalid physical addresses, with high bits set | |
| CVE-2022-50318 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count | |
| CVE-2022-50317 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general | |
| CVE-2022-50312 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly. | |
| CVE-2022-50309 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod | |
| CVE-2022-50308 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference. | |
| CVE-2022-50301 | Hig | 7.8 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix buffer overflow in debugfs There are two issues here: 1) The "len" variable needs to be checked before the very first write. Otherwise if omap2_iommu_dump_ctx() with "bytes" less than 32 it | |
| CVE-2022-50299 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf() returns the number of char | |
| CVE-2022-50298 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd: cleanup in probe error path Add proper error path in probe() to cleanup resources previously acquired/allocated to fix warnings visible during probe deferral: notifier callback qcom_slim_n | |
| CVE-2022-50297 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. (In this case there was an interrupt endpoint where the | |
| CVE-2022-50294 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path. | |
| CVE-2022-50289 | Med | 5.5 | < 5.14.21-150400.24.179.1 | 5.14.21-150400.24.179.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_stack_glue_init() ocfs2_table_header should be free in ocfs2_stack_glue_init() if ocfs2_sysfs_init() failed, otherwise kmemleak will report memleak. BUG: memory leak unreference |
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor.
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name allocated in dev_set_name(
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: crypto: cavium - prevent integer overflow loading firmware The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_bfqq() can free bfqq first
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2_fc_wait_bufs In 'jbd2_fc_wait_bufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head
- affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value The return value of acpi_fetch_acpi_dev() could be NULL, which would cause a NULL pointer dereference to occur in acpi_device_hid(). [ rjw: Subje
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a memory leak. [<miquel.raynal@bootlin.com>: Reword the commit log]
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() The brcmf_netdev_start_xmit() returns NETDEV_TX_OK without freeing skb in case of pskb_expand_head() fails, add dev_kfree_skb() to fix it.
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table which contains invalid physical addresses, with high bits set
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just returning directly.
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix buffer overflow in debugfs There are two issues here: 1) The "len" variable needs to be checked before the very first write. Otherwise if omap2_iommu_dump_ctx() with "bytes" less than 32 it
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf() returns the number of char
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd: cleanup in probe error path Add proper error path in probe() to cleanup resources previously acquired/allocated to fix warnings visible during probe deferral: notifier callback qcom_slim_n
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. (In this case there was an interrupt endpoint where the
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbs_init_adapter() When kfifo_alloc() failed in lbs_init_adapter(), cmd buffer is not released. Add free memory to processing error path.
- affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_stack_glue_init() ocfs2_table_header should be free in ocfs2_stack_glue_init() if ocfs2_sysfs_init() failed, otherwise kmemleak will report memleak. BUG: memory leak unreference
Page 39 of 143