rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53830 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmi_setting(), the result has to be freed using kfree(). In current_value_show() however, malformed item | ||
| CVE-2023-53828 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() KSAN reports use-after-free in hci_add_adv_monitor(). While adding an adv monitor, hci_add_adv_monitor() calls -> msft_add_mon | ||
| CVE-2023-53827 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to preve | ||
| CVE-2023-53820 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: loop: loop_set_status_from_info() check before assignment In loop_set_status_from_info(), lo->lo_offset and lo->lo_sizelimit should be checked before reassignment, because if an overflow error occurs, the origi | ||
| CVE-2022-50679 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reproduction: while : do for ((i=0; i<=8160; i=i+32)) do ethtool -G enp130s0f0 rx $i tx | ||
| CVE-2022-50678 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address and causes invalid address access when printing the value of pi->reqs[i]->reqid. | ||
| CVE-2022-50677 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in _ipmi_destroy_user() The intf_free() function frees the "intf" pointer so we cannot dereference it again on the next line. | ||
| CVE-2022-50675 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored Prior to commit 69e3b846d8a7 ("arm64: mte: Sync tags for pages where PTE is untagged"), mte_sync_tags() was only called for pte_tagged() en | ||
| CVE-2022-50673 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_orphan_cleanup I caught a issue as follows: ================================================================== BUG: KASAN: use-after-free in __list_add_valid+0x28/0x1a0 Read o | ||
| CVE-2022-50672 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while device_register() fails If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_ | ||
| CVE-2022-50671 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix "kernel NULL pointer dereference" error When rxe_queue_init in the function rxe_qp_init_req fails, both qp->req.task.func and qp->req.task.arg are not initialized. Because of creation of qp fails | ||
| CVE-2022-50670 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. | ||
| CVE-2022-50669 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible name leak in ocxl_file_register_afu() If device_register() returns error in ocxl_file_register_afu(), the name allocated by dev_set_name() need be freed. As comment of device_register() | ||
| CVE-2022-50668 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4_xattr_block_set() where we constantly keep finding xattr block for reuse in mbca | ||
| CVE-2022-50667 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which lea | ||
| CVE-2022-50666 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siw | ||
| CVE-2022-50665 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix failed to find the peer with peer_id 0 when disconnected It has a fail log which is ath11k_dbg in ath11k_dp_rx_process_mon_status(), as below, it will not print when debug_mask is not set ATH1 | ||
| CVE-2022-50664 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw | ||
| CVE-2022-50662 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hns_roce_alloc_mr() When hns_roce_mr_enable() failed in hns_roce_alloc_mr(), mr_key is not released. Compiled test only. | ||
| CVE-2022-50661 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects i |
- CVE-2023-53830Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmi_setting(), the result has to be freed using kfree(). In current_value_show() however, malformed item
- CVE-2023-53828Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() KSAN reports use-after-free in hci_add_adv_monitor(). While adding an adv monitor, hci_add_adv_monitor() calls -> msft_add_mon
- CVE-2023-53827Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to preve
- CVE-2023-53820Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: loop: loop_set_status_from_info() check before assignment In loop_set_status_from_info(), lo->lo_offset and lo->lo_sizelimit should be checked before reassignment, because if an overflow error occurs, the origi
- CVE-2022-50679Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reproduction: while : do for ((i=0; i<=8160; i=i+32)) do ethtool -G enp130s0f0 rx $i tx
- CVE-2022-50678Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address and causes invalid address access when printing the value of pi->reqs[i]->reqid.
- CVE-2022-50677Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in _ipmi_destroy_user() The intf_free() function frees the "intf" pointer so we cannot dereference it again on the next line.
- CVE-2022-50675Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored Prior to commit 69e3b846d8a7 ("arm64: mte: Sync tags for pages where PTE is untagged"), mte_sync_tags() was only called for pte_tagged() en
- CVE-2022-50673Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_orphan_cleanup I caught a issue as follows: ================================================================== BUG: KASAN: use-after-free in __list_add_valid+0x28/0x1a0 Read o
- CVE-2022-50672Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while device_register() fails If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_
- CVE-2022-50671Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix "kernel NULL pointer dereference" error When rxe_queue_init in the function rxe_qp_init_req fails, both qp->req.task.func and qp->req.task.arg are not initialized. Because of creation of qp fails
- CVE-2022-50670Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2.
- CVE-2022-50669Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible name leak in ocxl_file_register_afu() If device_register() returns error in ocxl_file_register_afu(), the name allocated by dev_set_name() need be freed. As comment of device_register()
- CVE-2022-50668Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4_xattr_block_set() where we constantly keep finding xattr block for reuse in mbca
- CVE-2022-50667Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl() If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which lea
- CVE-2022-50666Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siw
- CVE-2022-50665Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix failed to find the peer with peer_id 0 when disconnected It has a fail log which is ath11k_dbg in ath11k_dp_rx_process_mon_status(), as below, it will not print when debug_mask is not set ATH1
- CVE-2022-50664Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw
- CVE-2022-50662Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hns_roce_alloc_mr() When hns_roce_mr_enable() failed in hns_roce_alloc_mr(), mr_key is not released. Compiled test only.
- CVE-2022-50661Dec 9, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. Our syzbot instance reported memory leaks in do_seccomp() [0], similar to the report [1]. It shows that we miss freeing struct seccomp_filter and some objects i
Page 18 of 116