rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50878 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init() A NULL check for bridge->encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 i | ||
| CVE-2022-50876 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget.c rxstate overflow bug The usb function device call musb_gadget_queue() adds the passed request to musb_ep::req_list,If the (request->length > musb_ep->packet_sz) and (is_buffer_mappe | ||
| CVE-2022-50873 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove In vp_vdpa_remove(), the code kfree(&vp_vdpa_mgtdev->mgtdev.id_table) uses a reference of pointer as the argument of kfree, which is the wrong pointer a | ||
| CVE-2022-50872 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return. | ||
| CVE-2022-50870 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entai | ||
| CVE-2022-50868 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also | ||
| CVE-2022-50867 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree(). Which | ||
| CVE-2022-50866 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL pointer when kmalloc() fail to allocate. Need to check the return pointer before calling strcmp(). | ||
| CVE-2022-50864 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field s_log_block_size of superblock data is corrupted and too large, init_nilfs() and load_nilfs() still can trigger a shift-out-of-bo | ||
| CVE-2022-50862 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decl_tag from being referenced in func_proto Syzkaller was able to hit the following issue: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 3609 at kernel/bpf/btf.c:1946 btf_type_id_size | ||
| CVE-2022-50861 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdr_stream conversion inadvertently left some code that set the page_len of the send buffer. The XDR stream encoders should handle this automatically | ||
| CVE-2022-50860 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in alloc_ns() After changes in commit a1bd627b46d1 ("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not valid slab object, but a subset of that, it | ||
| CVE-2022-50859 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message Commit d5c7076b772a ("smb3: add smb3.1.1 to default dialect list") extend the dialects from 3 to 4, but forget to decrease the extended length when | ||
| CVE-2022-50858 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash | ||
| CVE-2022-50856 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked. | ||
| CVE-2022-50853 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in _nfs4_discover_trunking() | ||
| CVE-2022-50851 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: fix the crash in unmap a large memory While testing in vIOMMU, sometimes Guest will unmap very large memory, which will cause the crash. To fix this, add a new function vhost_vdpa_general_unmap(). T | ||
| CVE-2022-50850 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init() ipr_init() will not call unregister_reboot_notifier() when pci_register_driver() fails, which causes a WARNING. Call unregister_reboot_notifier() when pci_register_driver() | ||
| CVE-2022-50849 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by running 'cat /proc/kcore > /dev/null' on devices using pstore with the ram backend because kmap_atomic() assumes lowmem pages are | ||
| CVE-2022-50848 | — | < 5.14.21-150500.55.133.1 | 5.14.21-150500.55.133.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dio_init() If device_register() returns error, the 'dev' and name needs be freed. Add a release function, and then call put_device() in the error path, so the name is f |
- CVE-2022-50878Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init() A NULL check for bridge->encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 i
- CVE-2022-50876Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget.c rxstate overflow bug The usb function device call musb_gadget_queue() adds the passed request to musb_ep::req_list,If the (request->length > musb_ep->packet_sz) and (is_buffer_mappe
- CVE-2022-50873Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove In vp_vdpa_remove(), the code kfree(&vp_vdpa_mgtdev->mgtdev.id_table) uses a reference of pointer as the argument of kfree, which is the wrong pointer a
- CVE-2022-50872Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return.
- CVE-2022-50870Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entai
- CVE-2022-50868Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also
- CVE-2022-50867Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree(). Which
- CVE-2022-50866Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL pointer when kmalloc() fail to allocate. Need to check the return pointer before calling strcmp().
- CVE-2022-50864Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field s_log_block_size of superblock data is corrupted and too large, init_nilfs() and load_nilfs() still can trigger a shift-out-of-bo
- CVE-2022-50862Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decl_tag from being referenced in func_proto Syzkaller was able to hit the following issue: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 3609 at kernel/bpf/btf.c:1946 btf_type_id_size
- CVE-2022-50861Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdr_stream conversion inadvertently left some code that set the page_len of the send buffer. The XDR stream encoders should handle this automatically
- CVE-2022-50860Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in alloc_ns() After changes in commit a1bd627b46d1 ("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not valid slab object, but a subset of that, it
- CVE-2022-50859Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message Commit d5c7076b772a ("smb3: add smb3.1.1 to default dialect list") extend the dialects from 3 to 4, but forget to decrease the extended length when
- CVE-2022-50858Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash
- CVE-2022-50856Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked.
- CVE-2022-50853Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in _nfs4_discover_trunking()
- CVE-2022-50851Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: fix the crash in unmap a large memory While testing in vIOMMU, sometimes Guest will unmap very large memory, which will cause the crash. To fix this, add a new function vhost_vdpa_general_unmap(). T
- CVE-2022-50850Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init() ipr_init() will not call unregister_reboot_notifier() when pci_register_driver() fails, which causes a WARNING. Call unregister_reboot_notifier() when pci_register_driver()
- CVE-2022-50849Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by running 'cat /proc/kcore > /dev/null' on devices using pstore with the ram backend because kmap_atomic() assumes lowmem pages are
- CVE-2022-50848Dec 30, 2025affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1
In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dio_init() If device_register() returns error, the 'dev' and name needs be freed. Add a release function, and then call put_device() in the error path, so the name is f
Page 7 of 116