rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3,027)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49084 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qede_build_skb() assumes build_skb() always works and goes straight to skb_reserve(). However, build_skb() can fail under memory pressure. This results in a kernel pa | ||
| CVE-2022-49083 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants: __iommu | ||
| CVE-2022-49082 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees the port field of the sas_expander structure, leadin | ||
| CVE-2022-49080 | — | < 5.14.21-150400.24.153.1.150400.24.76.1 | 5.14.21-150400.24.153.1.150400.24.76.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized | ||
| CVE-2022-49078 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corn | ||
| CVE-2022-49076 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may represent the last reference held on the task mm. hfi1_mmu_rb_unregister() then drops the l | ||
| CVE-2022-49074 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix GICR_CTLR.RWP polling It turns out that our polling of RWP is totally wrong when checking for it in the redistributors, as we test the *distributor* bit index, whereas it is a different bit | ||
| CVE-2022-49073 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ata: sata_dwc_460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATA_TAG_INTERNAL to 32, the value of the SATA_DWC_QCMD_MAX need | ||
| CVE-2022-49066 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with act_mirred, skb_headlen() may be 0. But veth_xmit() calls __dev_forward_skb(), which expects at least ET | ||
| CVE-2022-49065 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be | ||
| CVE-2022-49063 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots triggered the following splat: [ 718.203054] BUG: KASAN: use-after-free in free_irq_cpu_rmap+0x53/0x80 [ 718.206349] Read of size 4 | ||
| CVE-2022-49061 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link When using a fixed-link, the altr_tse_pcs driver crashes due to null-pointer dereference as no phy_device is provided to tse_pcs_fix_mac_ | ||
| CVE-2022-49060 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() dev_name() was called with dev.parent as argument but without to NULL-check it before. Solve this by checking the pointer before the call to dev_name( | ||
| CVE-2022-49059 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed m | ||
| CVE-2022-49058 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max) It's caused be | ||
| CVE-2022-49055 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmalloc_array() As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference. Therefore, it is better to check the re | ||
| CVE-2022-49054 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctl_record_panic_msg by default in isolated guests hv_panic_page might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While | ||
| CVE-2022-49053 | — | < 5.14.21-150400.24.161.1.150400.24.80.1 | 5.14.21-150400.24.161.1.150400.24.80.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th | ||
| CVE-2022-49051 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The metadata | ||
| CVE-2022-49050 | — | < 5.14.21-150400.24.158.1.150400.24.78.1 | 5.14.21-150400.24.158.1.150400.24.78.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix platform-device leak in error path Make sure to free the flash platform device in the event that registration fails during probe. |
- CVE-2022-49084Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qede_build_skb() assumes build_skb() always works and goes straight to skb_reserve(). However, build_skb() can fail under memory pressure. This results in a kernel pa
- CVE-2022-49083Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants: __iommu
- CVE-2022-49082Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees the port field of the sas_expander structure, leadin
- CVE-2022-49080Feb 26, 2025affected < 5.14.21-150400.24.153.1.150400.24.76.1fixed 5.14.21-150400.24.153.1.150400.24.76.1
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized
- CVE-2022-49078Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corn
- CVE-2022-49076Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may represent the last reference held on the task mm. hfi1_mmu_rb_unregister() then drops the l
- CVE-2022-49074Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix GICR_CTLR.RWP polling It turns out that our polling of RWP is totally wrong when checking for it in the redistributors, as we test the *distributor* bit index, whereas it is a different bit
- CVE-2022-49073Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: ata: sata_dwc_460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATA_TAG_INTERNAL to 32, the value of the SATA_DWC_QCMD_MAX need
- CVE-2022-49066Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with act_mirred, skb_headlen() may be 0. But veth_xmit() calls __dev_forward_skb(), which expects at least ET
- CVE-2022-49065Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be
- CVE-2022-49063Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots triggered the following splat: [ 718.203054] BUG: KASAN: use-after-free in free_irq_cpu_rmap+0x53/0x80 [ 718.206349] Read of size 4
- CVE-2022-49061Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link When using a fixed-link, the altr_tse_pcs driver crashes due to null-pointer dereference as no phy_device is provided to tse_pcs_fix_mac_
- CVE-2022-49060Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() dev_name() was called with dev.parent as argument but without to NULL-check it before. Solve this by checking the pointer before the call to dev_name(
- CVE-2022-49059Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed m
- CVE-2022-49058Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max) It's caused be
- CVE-2022-49055Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmalloc_array() As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference. Therefore, it is better to check the re
- CVE-2022-49054Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctl_record_panic_msg by default in isolated guests hv_panic_page might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While
- CVE-2022-49053Feb 26, 2025affected < 5.14.21-150400.24.161.1.150400.24.80.1fixed 5.14.21-150400.24.161.1.150400.24.80.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th
- CVE-2022-49051Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The metadata
- CVE-2022-49050Feb 26, 2025affected < 5.14.21-150400.24.158.1.150400.24.78.1fixed 5.14.21-150400.24.158.1.150400.24.78.1
In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix platform-device leak in error path Make sure to free the flash platform device in the event that registration fails during probe.
Page 87 of 152