rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Vulnerabilities (1,350)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49729 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetooth: btusb: Fix memory leak in play_deferred"), we thought a patch might be needed | ||
| CVE-2022-49724 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Fix free_irq() on remove Pass the correct dev_id to free_irq() to fix this splat when the driver is unbound: WARNING: CPU: 0 PID: 30 at kernel/irq/manage.c:1895 free_irq Trying to free already | ||
| CVE-2022-49723 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_read when there is no i915_gpu_coredump but buf offset is non-zero. This fixes a kernel page fault can happen w | ||
| CVE-2022-49720 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blk_mq_alloc_request_hctx() This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of | ||
| CVE-2022-49713 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2_hcd_init usb_create_hcd will alloc memory for hcd, and we should call usb_put_hcd to free it when platform_get_resource() fails to prevent memory leak. goto error2 label inste | ||
| CVE-2022-49712 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node | ||
| CVE-2022-49711 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() In fsl_mc_bus_remove(), mc->root_mc_bus_dev->mc_io is passed to fsl_destroy_mc_io(). However, mc->root_mc_bus_dev is already freed in fsl_mc_devi | ||
| CVE-2022-49710 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses find_next_zero_bit_le on the allocated region. find_next_zero_bit_le accesses the bi | ||
| CVE-2022-49708 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/mballoc.c:3211! [...] RIP: 0010:ext4_mb_mark_diskspac | ||
| CVE-2022-49707 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear resize_inode feature (not run e2fsck). It could be simply reproduced by following st | ||
| CVE-2022-49703 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue i | ||
| CVE-2022-49701 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Allocate/free queue resource only during probe/remove Currently, the sub-queues and event pool resources are allocated/freed for every CRQ connection event such as reset and LPM. This exposes the | ||
| CVE-2022-49700 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't up | ||
| CVE-2022-49693 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add mi | ||
| CVE-2022-49687 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcw | ||
| CVE-2022-49685 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after- | ||
| CVE-2022-49678 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missin | ||
| CVE-2022-49674 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the nu | ||
| CVE-2022-49673 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We | ||
| CVE-2022-49671 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind. |
- CVE-2022-49729Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetooth: btusb: Fix memory leak in play_deferred"), we thought a patch might be needed
- CVE-2022-49724Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Fix free_irq() on remove Pass the correct dev_id to free_irq() to fix this splat when the driver is unbound: WARNING: CPU: 0 PID: 30 at kernel/irq/manage.c:1895 free_irq Trying to free already
- CVE-2022-49723Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_read when there is no i915_gpu_coredump but buf offset is non-zero. This fixes a kernel page fault can happen w
- CVE-2022-49720Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blk_mq_alloc_request_hctx() This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of
- CVE-2022-49713Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2_hcd_init usb_create_hcd will alloc memory for hcd, and we should call usb_put_hcd to free it when platform_get_resource() fails to prevent memory leak. goto error2 label inste
- CVE-2022-49712Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node
- CVE-2022-49711Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() In fsl_mc_bus_remove(), mc->root_mc_bus_dev->mc_io is passed to fsl_destroy_mc_io(). However, mc->root_mc_bus_dev is already freed in fsl_mc_devi
- CVE-2022-49710Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITS_PER_LONG The code in dm-log rounds up bitset_size to 32 bits. It then uses find_next_zero_bit_le on the allocated region. find_next_zero_bit_le accesses the bi
- CVE-2022-49708Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on ext4_mb_use_inode_pa Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/mballoc.c:3211! [...] RIP: 0010:ext4_mb_mark_diskspac
- CVE-2022-49707Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear resize_inode feature (not run e2fsck). It could be simply reproduced by following st
- CVE-2022-49703Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue i
- CVE-2022-49701Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Allocate/free queue resource only during probe/remove Currently, the sub-queues and event pool resources are allocated/freed for every CRQ connection event such as reset and LPM. This exposes the
- CVE-2022-49700Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't up
- CVE-2022-49693Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add mi
- CVE-2022-49687Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcw
- CVE-2022-49685Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-
- CVE-2022-49678Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missin
- CVE-2022-49674Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the nu
- CVE-2022-49673Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We
- CVE-2022-49671Feb 26, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind.
Page 12 of 68