VYPR

rpm package

suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3

pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Vulnerabilities (1,468)

  • CVE-2022-50030Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, l

  • CVE-2022-50029Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gcc_sleep_clk_src Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and try

  • CVE-2022-50028Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: gadgetfs: ep_io - wait until IRQ finishes after usb_ep_queue() if wait_for_completion_interruptible() is interrupted we need to wait until IRQ gets finished. Otherwise complete() from epio_complete() can corru

  • CVE-2022-50027Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe fails to issue the CMF WQE in lpfc_issue_cmf_sync_wqe. If ret_val is non-zero, t

  • CVE-2022-50022Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: drivers:md:fix a potential use-after-free bug In line 2884, "raid5_release_stripe(sh);" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines 2886 "if (sh->batch_h

  • CVE-2022-50020Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in

  • CVE-2022-50019Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: tty: serial: Fix refcount leak bug in ucc_uart.c In soc_info(), of_find_node_by_type() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore.

  • CVE-2022-50012Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param() On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is ag

  • CVE-2022-50010Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740_calc_vclk() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug. If the

  • CVE-2022-49993Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loop_config is passed (see lo_ioctl()'s case on line 1550 of drivers/block

  • CVE-2022-49990Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork() failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the thread_struct of the associated task. These pointers are in

  • CVE-2022-49989Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix error exit of privcmd_ioctl_dm_op() The error exit of privcmd_ioctl_dm_op() is calling unlock_pages() potentially with pages being NULL, leading to a NULL dereference. Additionally lock_pages(

  • CVE-2022-49987Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: md: call __md_stop_writes in md_stop From the link [1], we can see raid1d was running even after the path raid_dtr -> md_stop -> __md_stop. Let's stop write first in destructor to align with normal md-raid to

  • CVE-2022-49986Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq storvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it doesn't need to make forward progress under memory pressure. Marking this work

  • CVE-2022-49985Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-

  • CVE-2022-49984Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report It is possible for a malicious device to forgo submitting a Feature Report. The HID Steam driver presently makes no prevision for this a

  • CVE-2022-49981Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidraw_release() Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 (size 32): comm "softirq", pid 0, jiffies 42

  • CVE-2022-49980Jun 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------

  • CVE-2022-49978Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: fb_pm2fb: Avoid potential divide by zero error In `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be copied from user, then go through `fb_set_var()` and `info->fbops->fb_check_var()`

  • CVE-2022-49977Jun 18, 2025
    affected < 5.3.18-150300.59.211.1fixed 5.3.18-150300.59.211.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_ops_list when ftrace_startup_enable fails: register_ftrace_function ftrace_star

Page 11 of 74