rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Vulnerabilities (2,843)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49506 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add vblank register/unregister callback functions We encountered a kernel panic issue that callback data will be NULL when it's using in ovl irq handler. There is a timing issue between mtk_disp_o | ||
| CVE-2022-49505 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFC: NULL out the dev->rfkill to prevent UAF Commit 3e3b5dfcd16a ("NFC: reorder the logic in nfc_{un,}register_device") assumes the device_is_registered() in function nfc_dev_up() will help to check when the rf | ||
| CVE-2022-49504 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a t | ||
| CVE-2022-49503 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix The "rxstatus->rs_keyix" eventually gets passed to test_bit() so we need to ensure that it is within the bitmap. drivers/net/wirele | ||
| CVE-2022-49502 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: rga: fix possible memory leak in rga_probe rga->m2m_dev needs to be freed when rga_probe fails. | ||
| CVE-2022-49501 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregister_netdev() before unbind() again Commit 2c9d6c2b871d ("usbnet: run unbind() before unregister_netdev()") sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out | ||
| CVE-2022-49498 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Check for null pointer of pointer substream before dereferencing it Pointer substream is being dereferenced on the assignment of pointer card before substream is being null checked with the macro PCM | ||
| CVE-2022-49495 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. Patchwork: https://pat | ||
| CVE-2022-49494 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resou | ||
| CVE-2022-49493 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_tim | ||
| CVE-2022-49492 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which | ||
| CVE-2022-49491 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_resource() | ||
| CVE-2022-49490 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't | ||
| CVE-2022-49489 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init | ||
| CVE-2022-49488 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in | ||
| CVE-2022-49487 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() tha | ||
| CVE-2022-49486 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. | ||
| CVE-2022-49482 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. | ||
| CVE-2022-49481 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore. | ||
| CVE-2022-49480 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device() to release it. when devm_kzalloc() fails, it doesn't have a put_device(), it will cause r |
- CVE-2022-49506Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add vblank register/unregister callback functions We encountered a kernel panic issue that callback data will be NULL when it's using in ovl irq handler. There is a timing issue between mtk_disp_o
- CVE-2022-49505Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: NFC: NULL out the dev->rfkill to prevent UAF Commit 3e3b5dfcd16a ("NFC: reorder the logic in nfc_{un,}register_device") assumes the device_is_registered() in function nfc_dev_up() will help to check when the rf
- CVE-2022-49504Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a t
- CVE-2022-49503Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix The "rxstatus->rs_keyix" eventually gets passed to test_bit() so we need to ensure that it is within the bitmap. drivers/net/wirele
- CVE-2022-49502Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: media: rga: fix possible memory leak in rga_probe rga->m2m_dev needs to be freed when rga_probe fails.
- CVE-2022-49501Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: usbnet: Run unregister_netdev() before unbind() again Commit 2c9d6c2b871d ("usbnet: run unbind() before unregister_netdev()") sought to fix a use-after-free on disconnect of USB Ethernet adapters. It turns out
- CVE-2022-49498Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Check for null pointer of pointer substream before dereferencing it Pointer substream is being dereferenced on the assignment of pointer card before substream is being null checked with the macro PCM
- CVE-2022-49495Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. Patchwork: https://pat
- CVE-2022-49494Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resou
- CVE-2022-49493Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_tim
- CVE-2022-49492Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which
- CVE-2022-49491Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_resource()
- CVE-2022-49490Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't
- CVE-2022-49489Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init
- CVE-2022-49488Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in
- CVE-2022-49487Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() tha
- CVE-2022-49486Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak.
- CVE-2022-49482Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done.
- CVE-2022-49481Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore.
- CVE-2022-49480Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device() to release it. when devm_kzalloc() fails, it doesn't have a put_device(), it will cause r
Page 73 of 143