suse/kernel-default&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

Vulnerabilities (2,017)

• CVE-2024-27393May 9, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed

• CVE-2023-52654May 9, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_gener

• CVE-2022-48705May 3, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run mac_reset several times. The sequence would trigger system crash as the log below. Because we do not re-en

• CVE-2022-48704May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b

• CVE-2022-48695May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c

• CVE-2022-48690May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ring count should substit

• CVE-2022-48703May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10). T

• CVE-2022-48702May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a

• CVE-2022-48701May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun

• CVE-2022-48699May 3, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in update_sched_domain_debugfs Kuyo reports that the pattern of using debugfs_remove(debugfs_lookup()) leaks a dentry and with a hotplug stress test, the machine eventually runs out

• CVE-2022-48698May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dp

• CVE-2022-48697May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607

• CVE-2022-48694May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix

• CVE-2022-48693May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks (2) we need to add

• CVE-2022-48692May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereferenc

• CVE-2022-48691May 3, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clean up hook list when offload flags check fails splice back the hook list so nft_chain_release_hook() has a chance to release the hooks. BUG: memory leak unreferenced object 0xffff88810

• CVE-2022-48689May 3, 2024
  affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

  In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report [1] showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or othe

• CVE-2022-48688May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b

• CVE-2022-48687May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through

• CVE-2022-48686May 3, 2024
  affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

  In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sy