suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

Vulnerabilities (2,310)

• CVE-2022-50572Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() The of_get_next_child() returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the

• CVE-2022-50570Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "s_mem.bytes" is larger than the buffer size it leads to memory corruption.

• CVE-2022-50568Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: fix f_hidg lifetime vs cdev The embedded struct cdev does not have its lifetime correctly tied to the enclosing struct f_hidg, so there is a use-after-free if /dev/hidgN is held open while t

• CVE-2022-50567Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of bmp->db_agl2size. The field can be greater than 64 and tr

• CVE-2022-50566Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in add_mtd_device() There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 (size 8): comm "insmod", pid 3922, jiffies

• CVE-2022-50564Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucv_tx() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur

• CVE-2022-50563Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in run_timer_softirq() When dm_resume() and dm_destroy() are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in __run_timers+0x173/0x710 Write of size 8 at addr ffff8

• CVE-2022-50562Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI information, but the acpi_get_tab

• CVE-2022-50561Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iio_device_register_eventset() When iio_device_register_sysfs_group() returns failed, iio_device_register_eventset() needs to free attrs array. Otherwise, kmemleak would scan & report m

• CVE-2022-50560Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: drm/meson: explicitly remove aggregate driver at module unload time Because component_master_del wasn't being called when unloading the meson_drm module, the aggregate device would linger forever in the global

• CVE-2022-50559Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platform_device_add() fails No error handling is performed when platform_device_add() fails. Add error processing before return, and modified the return value.

• CVE-2022-50556Oct 22, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_properties() and won't check the ret value. When drm_mode_create_standard_properties()

• CVE-2025-39981Oct 15, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmt_pending being freed while still being processed like in the following trace, in order to fix mgmt_pending_valid is intr

• CVE-2025-39978Oct 15, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node" and then dereferences it on the next line. Two lines later, we take a

• CVE-2025-39977Oct 15, 2025
  affected < 5.14.21-150500.55.133.1.150500.6.65.1fixed 5.14.21-150500.55.133.1.150500.6.65.1

  In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule()

• CVE-2025-39973Oct 15, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu

• CVE-2025-39968Oct 15, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request. Add it.

• CVE-2025-39967Oct 15, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcon_do_set_font Fix integer overflow vulnerabilities in fbcon_do_set_font() where font size calculations could overflow when handling user-controlled font parameters. The vulne

• CVE-2025-39965Oct 13, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI x->id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 ("xfrm: Duplicate SPI Handling"), we now create states and add them to the byspi list with this

• CVE-2023-53673HigOct 7, 2025
  affected < 5.14.21-150500.55.127.1.150500.6.61.1fixed 5.14.21-150500.55.127.1.150500.6.61.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection failed. ISO, L2CAP and SCO connections refer to the hci_conn without hci_conn_