suse/kernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Vulnerabilities (1,794)

• CVE-2022-50022Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5_release_stripe(sh);" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if (sh->batch_h

• CVE-2022-50020Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in

• CVE-2022-50012Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param() On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is ag

• CVE-2022-50008Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily r

• CVE-2022-50007Jun 18, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in __xfrm_policy_check() The issue happens on an error path in __xfrm_policy_check(). When the fetching process of the object `pols[1]` fails, the function simply returns 0, forgetting t

• CVE-2022-49993Jun 18, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loop_config is passed (see lo_ioctl()'s case on line 1550 of drivers/block

• CVE-2022-49990Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork() failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the thread_struct of the associated task. These pointers are in

• CVE-2022-49987Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: md: call __md_stop_writes in md_stop From the link [1], we can see raid1d was running even after the path raid_dtr -> md_stop -> __md_stop. Let's stop write first in destructor to align with normal md-raid to

• CVE-2022-49986Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq storvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it doesn't need to make forward progress under memory pressure. Marking this work

• CVE-2022-49981Jun 18, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidraw_release() Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 (size 32): comm "softirq", pid 0, jiffies 42

• CVE-2022-49980Jun 18, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------

• CVE-2022-49978Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: fbdev: fb_pm2fb: Avoid potential divide by zero error In `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be copied from user, then go through `fb_set_var()` and `info->fbops->fb_check_var()`

• CVE-2022-49977Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_ops_list when ftrace_startup_enable fails: register_ftrace_function ftrace_star

• CVE-2022-49975Jun 18, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pkt_len Syzbot found an issue [1]: fq_codel_drop() try to drop a flow whitout any skbs, that is, the flow->head is null. The root cause, as the [2] says, is because that

• CVE-2022-49969Jun 18, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock [Why] After ODM clock off, optc underflow bit will be kept there always and clear not work. We need to clear that before clock off. [How] Clear t

• CVE-2022-49967Jun 18, 2025
  affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a data-race around bpf_jit_limit. While reading bpf_jit_limit, it can be changed concurrently via sysctl, WRITE_ONCE() in __do_proc_doulongvec_minmax(). The size of bpf_jit_limit is long, so we need to

• CVE-2022-49957Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: kcm: fix strp_init() order and cleanup strp_init() is called just a few lines above this csk->sk_user_data check, it also initializes strp->work etc., therefore, it is unnecessary to call strp_done() to cancel

• CVE-2022-49956Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delet

• CVE-2022-49954Jun 18, 2025
  affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

  In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag syzbot is reporting hung task at __input_unregister_device() [1], for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is

• CVE-2022-49948Jun 18, 2025
  affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

  In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new s