suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

Vulnerabilities (2,310)

• CVE-2022-49122Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to u

• CVE-2022-49121Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix tag leaks on error In pm8001_chip_set_dev_state_req(), pm8001_chip_fw_flash_update_req(), pm80xx_chip_phy_ctl_req() and pm8001_chip_reg_dev_req() add missing calls to pm8001_tag_free() to free

• CVE-2022-49120Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001_send_abort_all() In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.

• CVE-2022-49119Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() In pm8001_chip_fw_flash_update_build(), if pm8001_chip_fw_flash_update_build() fails, the struct fw_control_ex allocated must be freed.

• CVE-2022-49118Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in free_irq(), and this will c

• CVE-2022-49116Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks in l2cap_ecred_connect

• CVE-2022-49115Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix misused goto label Fix a misused goto label jump since that can result in a memory leak.

• CVE-2022-49114Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. When the reference count reaches zero, it is freed. But ep is still used in the following code,

• CVE-2022-49113Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: fix refcount leak in format_show() Refcount leak will happen when format_show returns failure in multiple cases. Unified management of of_node_put can fix this problem.

• CVE-2022-49112Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: mt76: fix monitor mode crash with sdio driver mt7921s driver may receive frames with fragment buffers. If there is a CTS packet received in monitor mode, the payload is 10 bytes only and need 6 bytes header pad

• CVE-2022-49111Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without first checking if conn->type is in fact AMP

• CVE-2022-49110Feb 26, 2025
  affected < 5.14.21-150500.55.103.1.150500.6.49.1fixed 5.14.21-150500.55.103.1.150500.6.49.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 ("netfilter: conntrack: collect all entries in one cycle") conntrack gc was changed to run every 2 minutes. On systems where conntrack hash

• CVE-2022-49109Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode reference leakage in ceph_get_snapdir() The ceph_get_inode() will search for or insert a new inode into the hash for the given vino, and return a reference to it. If new is non-NULL, its referen

• CVE-2022-49107Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_readdir when note_last_dentry returns error Reset the last_readdir at the same time, and add a comment explaining why we don't free last_readdir when dir_emit returns false.

• CVE-2022-49106Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: staging: vchiq_arm: Avoid NULL ptr deref in vchiq_dump_platform_instances vchiq_get_state() can return a NULL pointer. So handle this cases and avoid a NULL pointer derefence in vchiq_dump_platform_instances.

• CVE-2022-49105Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: staging: wfx: fix an error handling in wfx_init_common() One error handler of wfx_init_common() return without calling ieee80211_free_hw(hw), which may result in memory leak. And I add one err label to unify th

• CVE-2022-49104Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: staging: vchiq_core: handle NULL result of find_service_by_handle In case of an invalid handle the function find_servive_by_handle returns NULL. So take care of this and avoid a NULL pointer dereference.

• CVE-2022-49103Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify() [You don't often get email from xiongx18@fudan.edu.cn. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.] The referenc

• CVE-2022-49102Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL (which will likely happen as the DR and HR

• CVE-2022-49100Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an init