VYPR

rpm package

suse/kernel-default&distro=SUSE Manager Server 4.3

pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3

Vulnerabilities (1,907)

  • CVE-2022-48671May 3, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgro

  • CVE-2024-27389May 1, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput() double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0

  • CVE-2024-27043May 1, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio

  • CVE-2024-26935MedMay 1, 2024
    affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a

  • CVE-2024-26976May 1, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed

  • CVE-2024-26930May 1, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function

  • CVE-2022-48668Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided t

  • CVE-2022-48667Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading in

  • CVE-2022-48664Apr 28, 2024
    affected < 5.14.21-150400.24.141.1fixed 5.14.21-150400.24.141.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix hang during unmount when stopping a space reclaim worker Often when running generic/562 from fstests we can hang during unmount, resulting in a trace like this: Sep 07 11:52:00 debian9 unknown: ru

  • CVE-2022-48663Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: fix NULL pointer dereference when removing debugfs We now remove the device's debugfs entries when unbinding the driver. This now causes a NULL-pointer dereference on module exit because the platf

  • CVE-2022-48662Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires tha

  • CVE-2022-48660Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below command gpiomon --num-events=3 --rising-edge gpiochip1 25 There will be a warning

  • CVE-2022-48657Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amu_fie_setup() cpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*, while freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'. Mult

  • CVE-2022-48656Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we onl

  • CVE-2022-48655Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-o

  • CVE-2022-48654Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which can be used to leak stale

  • CVE-2022-48653Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in

  • CVE-2022-48652Apr 28, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Prohibit improper channel config for DCB")

  • CVE-2022-48651Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit()

  • CVE-2022-48650Apr 28, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() Commit 8f394da36a36 ("scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG") made the __qlt_24xx_handle_abts() function return early if tcm_qla2xxx_find_

Page 81 of 96