suse/kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP5-LTSS

Vulnerabilities (2,310)

• CVE-2022-49307Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() When the driver fails at alloc_hdlcdev(), and then we remove the driver module, we will get the following splat: [ 25.065966] general protection

• CVE-2022-49306Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: host: Stop setting the ACPI companion It is no longer needed. The sysdev pointer is now used when assigning the ACPI companions to the xHCI ports and USB devices. Assigning the ACPI companion here r

• CVE-2022-49305Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() There is a deadlock in ieee80211_beacons_stop(), which is shown below: (Thread 1) | (Thread 2)

• CVE-2022-49304Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100_set_termios() There is a deadlock in sa1100_set_termios(), which is shown below: (Thread 1) | (Thread 2) | sa1100_en

• CVE-2022-49302Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: USB: host: isp116x: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

• CVE-2022-49301Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in usb_read8() and friends When r8712_usbctrl_vendorreq() returns negative, 'data' in usb_read{8,16,32} will not be initialized. BUG: KMSAN: uninit-value in string_nocheck li

• CVE-2022-49300Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between nbd_alloc_config() and module removal When nbd module is being removing, nbd_alloc_config() may be called concurrently by nbd_genl_connect(), although try_module_get() will return false, b

• CVE-2021-47659Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for format_count earlier While the check for format_count > 64 in __drm_universal_plane_init() shouldn't be hit (it's a WARN_ON), in its current position it will then leak the plane-

• CVE-2022-49298Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix uninit-value in r871xu_drv_init() When 'tmpU1b' returns from r8712_read8(padapter, EE_9346CR) is 0, 'mac[6]' will not be initialized. BUG: KMSAN: uninit-value in r871xu_drv_init+0x2d54/0x

• CVE-2022-49297Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g217691551

• CVE-2022-49296Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inline_data 1, mount with wsync. 2, create a file with O_RDWR, and the request was sent to mds.0: ceph_atomic_open()--> ceph_mdsc_do_request(openc)

• CVE-2022-49295Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: nbd: call genl_unregister_family() first in nbd_cleanup() Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL p

• CVE-2022-49294Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check if modulo is 0 before dividing. [How & Why] If a value of 0 is read, then this will cause a divide-by-0 panic.

• CVE-2022-49293Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: initialize registers in nft_do_chain() Initialize registers to avoid stack leak into userspace.

• CVE-2022-49292Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INT_MAX overflow at vmalloc() allocation that is called from snd_pcm_plug_alloc(). Although we apply the restrictions to input

• CVE-2022-49291Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hw_params and hw_free calls Currently we have neither proper check nor protection against the concurrent calls of PCM hw_params and hw_free ioctls, which may result in a UA

• CVE-2022-49290Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: mac80211: fix potential double free on mesh join While commit 6a01afcf8468 ("mac80211: mesh: Free ie data when leaving mesh") fixed a memory leak on mesh leave / teardown it introduced a potential memory corrup

• CVE-2022-49288Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. Th

• CVE-2022-49287Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpm_chip The following sequence of operations results in a refcount warning: 1. Open device /dev/tpmrm. 2. Remove module tpm_tis_spi. 3. Write a TPM command to the file d

• CVE-2022-49286Feb 26, 2025
  affected < 5.14.21-150500.55.100.1.150500.6.47.1fixed 5.14.21-150500.55.100.1.150500.6.47.1

  In the Linux kernel, the following vulnerability has been resolved: tpm: use try_get_ops() in tpm-space.c As part of the series conversion to remove nested TPM operations: https://lore.kernel.org/all/20190205224723.19671-1-jarkko.sakkinen@linux.intel.com/ exposure of the chip