rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50735 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. KASAN: null-ptr-d | ||
| CVE-2022-50733 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali | ||
| CVE-2022-50732 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free. | ||
| CVE-2022-50731 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callb | ||
| CVE-2022-50730 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc | ||
| CVE-2022-50728 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur | ||
| CVE-2022-50727 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init() | ||
| CVE-2022-50726 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_ | ||
| CVE-2022-50724 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_no | ||
| CVE-2022-50723 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix memory leak in bnxt_nvm_test() Free the kzalloc'ed buffer before returning in the success path. | ||
| CVE-2022-50722 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which on | ||
| CVE-2022-50719 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PO | ||
| CVE-2022-50718 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by | ||
| CVE-2022-50717 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access. | ||
| CVE-2022-50716 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ======================================================== | ||
| CVE-2022-50715 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have | ||
| CVE-2022-50714 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76_dev in mt7921_pci_remove(). We should | ||
| CVE-2022-50712 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlink_region_sna | ||
| CVE-2025-68732 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa | ||
| CVE-2023-54042 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached. |
- CVE-2022-50735Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76u_status_worker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76u_status_worker thread if the device is not running yet. KASAN: null-ptr-d
- CVE-2022-50733Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali
- CVE-2022-50732Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211_rx() We cannot dereference the "skb" pointer after calling ieee80211_monitor_rx(), because it is a use after free.
- CVE-2022-50731Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: * removed the default implementation from set_pub_key: it is assumed that an implementation must always have this callb
- CVE-2022-50730Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc
- CVE-2022-50728Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur
- CVE-2022-50727Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efct_device_init() In efct_device_init(), when efct_scsi_reg_fc_transport() fails, efct_scsi_tgt_driver_exit() is not called to release memory for efct_scsi_tgt_driver_init()
- CVE-2022-50726Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5_cmd_cleanup_async_ctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5_cmd_
- CVE-2022-50724Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_no
- CVE-2022-50723Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix memory leak in bnxt_nvm_test() Free the kzalloc'ed buffer before returning in the success path.
- CVE-2022-50722Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which on
- CVE-2022-50719Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PO
- CVE-2022-50718Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by
- CVE-2022-50717Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access.
- CVE-2022-50716Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ========================================================
- CVE-2022-50715Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have
- CVE-2022-50714Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76_dev in mt7921_pci_remove(). We should
- CVE-2022-50712Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlink_region_sna
- CVE-2025-68732Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa
- CVE-2023-54042Dec 24, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached.
Page 14 of 116