rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Vulnerabilities (2,830)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48942 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it fails, the call to devm_thermal_zone_of_sensor_register() may return -ENODEV. Th | ||
| CVE-2022-48925 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the state is not idle then resolve_prepare_src() should immediately fail and no change to global state should happen. However, it unconditiona | ||
| CVE-2022-48924 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: fix memory leak in int3400_notify() It is easy to hit the below memory leaks in my TigerLake platform: unreferenced object 0xffff927c8b91dbc0 (size 32): comm "kworker/0:2", pid 112, jiffies | ||
| CVE-2022-48923 | — | < 5.14.21-150400.24.136.1 | 5.14.21-150400.24.136.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copy_compressed_segment to write o | ||
| CVE-2022-48921 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") There is a ra | ||
| CVE-2022-48919 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free | ||
| CVE-2022-48918 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses an invalid/unchecked debugfs_dir pointer and causes a BUG: BUG: kernel NULL poin | ||
| CVE-2022-48916 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform (Sapphire Rapids | ||
| CVE-2022-48915 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the thermal zone does not define one. | ||
| CVE-2022-48914 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before real_num_tx_queues is zeroed xennet_destroy_queues() relies on info->netdev->real_num_tx_queues to delete queues. Since d7dac083414eb5bb99a6d2ed53dc2c1b405224e5 ("net-sysfs: | ||
| CVE-2022-48913 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: blktrace: fix use after free for struct blk_trace When tracing the whole disk, 'dropped' and 'msg' will be created under 'q->debugfs_dir' and 'bt->dir' is NULL, thus blk_trace_free() won't remove those files. W | ||
| CVE-2022-48912 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been released, because other threads might have freed our allocated hooks already. BUG: KASA | ||
| CVE-2022-48911 | — | < 5.14.21-150400.24.136.1 | 5.14.21-150400.24.136.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet | ||
| CVE-2022-48909 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smc_release smc_connect_work if (sk->sk_state == SMC_INIT) send_clc_confirim tcp_abort(); ... | ||
| CVE-2022-48907 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed. Fix the memory leak by switching to devm_kzalloc(). | ||
| CVE-2022-48905 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: free reset-work-item when flushing Fix a tiny memory leak when flushing the reset work queue. | ||
| CVE-2022-48904 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix I/O page table memory leak The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memor | ||
| CVE-2022-48903 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix relocation crash due to premature return from btrfs_commit_transaction() We are seeing crashes similar to the following trace: [38.969182] WARNING: CPU: 20 PID: 2105 at fs/btrfs/relocation.c:4070 bt | ||
| CVE-2021-4441 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() In zynq_qspi_exec_mem_op(), kzalloc() is directly used in memset(), which could lead to a NULL pointer dereference on failure of kza | ||
| CVE-2023-52911 | — | < 5.14.21-150400.24.133.1 | 5.14.21-150400.24.133.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode (e.g. iMX platforms). Unable to handle kernel NULL point |
- CVE-2022-48942Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a sensor with a thermal zone and it fails, the call to devm_thermal_zone_of_sensor_register() may return -ENODEV. Th
- CVE-2022-48925Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the state is not idle then resolve_prepare_src() should immediately fail and no change to global state should happen. However, it unconditiona
- CVE-2022-48924Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: fix memory leak in int3400_notify() It is easy to hit the below memory leaks in my TigerLake platform: unreferenced object 0xffff927c8b91dbc0 (size 32): comm "kworker/0:2", pid 112, jiffies
- CVE-2022-48923Aug 22, 2024affected < 5.14.21-150400.24.136.1fixed 5.14.21-150400.24.136.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copy_compressed_segment to write o
- CVE-2022-48921Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") There is a ra
- CVE-2022-48919Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free
- CVE-2022-48918Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: check debugfs_dir ptr before use When "debugfs=off" is used on the kernel command line, iwiwifi's mvm module uses an invalid/unchecked debugfs_dir pointer and causes a BUG: BUG: kernel NULL poin
- CVE-2022-48916Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform (Sapphire Rapids
- CVE-2022-48915Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix TZ_GET_TRIP NULL pointer dereference Do not call get_trip_hyst() from thermal_genl_cmd_tz_get_trip() if the thermal zone does not define one.
- CVE-2022-48914Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before real_num_tx_queues is zeroed xennet_destroy_queues() relies on info->netdev->real_num_tx_queues to delete queues. Since d7dac083414eb5bb99a6d2ed53dc2c1b405224e5 ("net-sysfs:
- CVE-2022-48913Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix use after free for struct blk_trace When tracing the whole disk, 'dropped' and 'msg' will be created under 'q->debugfs_dir' and 'bt->dir' is NULL, thus blk_trace_free() won't remove those files. W
- CVE-2022-48912Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been released, because other threads might have freed our allocated hooks already. BUG: KASA
- CVE-2022-48911Aug 22, 2024affected < 5.14.21-150400.24.136.1fixed 5.14.21-150400.24.136.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet
- CVE-2022-48909Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smc_release smc_connect_work if (sk->sk_state == SMC_INIT) send_clc_confirim tcp_abort(); ...
- CVE-2022-48907Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed. Fix the memory leak by switching to devm_kzalloc().
- CVE-2022-48905Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: free reset-work-item when flushing Fix a tiny memory leak when flushing the reset work queue.
- CVE-2022-48904Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix I/O page table memory leak The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memor
- CVE-2022-48903Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix relocation crash due to premature return from btrfs_commit_transaction() We are seeing crashes similar to the following trace: [38.969182] WARNING: CPU: 20 PID: 2105 at fs/btrfs/relocation.c:4070 bt
- CVE-2021-4441Aug 22, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() In zynq_qspi_exec_mem_op(), kzalloc() is directly used in memset(), which could lead to a NULL pointer dereference on failure of kza
- CVE-2023-52911Aug 21, 2024affected < 5.14.21-150400.24.133.1fixed 5.14.21-150400.24.133.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm: another fix for the headless Adreno GPU Fix another oops reproducible when rebooting the board with the Adreno GPU working in the headless mode (e.g. iMX platforms). Unable to handle kernel NULL point
Page 99 of 142