suse/kernel-default&distro=SUSE Linux Enterprise Server 15 SP5-LTSS

Vulnerabilities (2,310)

• CVE-2023-54166Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndo_tx_timeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening d

• CVE-2023-54164Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise

• CVE-2022-50889Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dm_integrity_dtr() Dm_integrity also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in dm_integrity_dtr().

• CVE-2022-50888Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() q6v5_wcss_init_mmio() will call platform_get_resource_byname() that may fail and return NULL. devm_ioremap() will use res->start as

• CVE-2022-50887Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced -

• CVE-2022-50886Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash

• CVE-2022-50885Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup+0x2f3/0x360 [rdma_rxe] Rea

• CVE-2022-50884Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field() to attempt copying a NULL pointer There are some struct drm_driver fields that are required by drivers since drm_copy_field() attempts to copy them to user-space via DRM_IOCTL_VERS

• CVE-2022-50883Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed to hit another decl_tag issue: btf_func_proto_check kernel/bpf/btf.c:4506 [inline] btf_check_all_types kernel/bpf/btf.c:4734

• CVE-2022-50882Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvc_gpio_parse Previously the unit buffer was allocated before checking the IRQ for privacy GPIO. In case of error, the unit buffer was leaked. Allocate the unit buffer afte

• CVE-2022-50881Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() This patch fixes a use-after-free in ath9k that occurs in ath9k_hif_usb_disconnect() when ath9k_destroy_wmi() is trying to access 'drv_priv' that ha

• CVE-2022-50880Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdev_id and ad

• CVE-2022-50878Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init() A NULL check for bridge->encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 i

• CVE-2022-50876Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget.c rxstate overflow bug The usb function device call musb_gadget_queue() adds the passed request to musb_ep::req_list,If the (request->length > musb_ep->packet_sz) and (is_buffer_mappe

• CVE-2022-50873Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove In vp_vdpa_remove(), the code kfree(&vp_vdpa_mgtdev->mgtdev.id_table) uses a reference of pointer as the argument of kfree, which is the wrong pointer a

• CVE-2022-50872Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return.

• CVE-2022-50870Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entai

• CVE-2022-50868Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also

• CVE-2022-50867Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree(). Which

• CVE-2022-50866Dec 30, 2025
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL pointer when kmalloc() fail to allocate. Need to check the return pointer before calling strcmp().