rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49414 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4_write and ext4_convert_inline_data Hulk Robot reported a BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_ | ||
| CVE-2022-49413 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can | ||
| CVE-2022-49411 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfq_group into | ||
| CVE-2022-49410 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable ref_field, which is allocated in the previous function call to create_hi | ||
| CVE-2022-49409 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/e | ||
| CVE-2022-49404 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done | ||
| CVE-2022-49402 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0 | ||
| CVE-2022-49399 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be | ||
| CVE-2022-49398 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current item (n) and the item after (n+1), so that n can be safely removed without corrupti | ||
| CVE-2022-49397 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. probe deferral). | ||
| CVE-2022-49396 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). Note that due to the reset controller being defined | ||
| CVE-2022-49394 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatenc | ||
| CVE-2022-49389 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). When stub_probe() fails after that, usb_put_dev() needs to be called to release the reference. Fix this by moving | ||
| CVE-2022-49385 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, which caused a UAF. To fix it, we need to delete it from the | ||
| CVE-2022-49382 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: rockchip: Fix refcount leak in rockchip_grf_init of_find_matching_node_and_match returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to | ||
| CVE-2022-49376 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sd_probe() sees an early error before sdkp->device is initialized, sd_zbc_release_disk() is called. This causes a NULL pointer dereference when sd_is_zoned() | ||
| CVE-2022-49375 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. | ||
| CVE-2022-49373 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in some e | ||
| CVE-2022-49371 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedule_dev(__device_attach_asy | ||
| CVE-2022-49370 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add() If this function returns an error, |
- CVE-2022-49414Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4_write and ext4_convert_inline_data Hulk Robot reported a BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_
- CVE-2022-49413Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can
- CVE-2022-49411Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfq_group into
- CVE-2022-49410Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable ref_field, which is allocated in the previous function call to create_hi
- CVE-2022-49409Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/e
- CVE-2022-49404Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done
- CVE-2022-49402Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0
- CVE-2022-49399Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be
- CVE-2022-49398Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current item (n) and the item after (n+1), so that n can be safely removed without corrupti
- CVE-2022-49397Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. probe deferral).
- CVE-2022-49396Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). Note that due to the reset controller being defined
- CVE-2022-49394Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatenc
- CVE-2022-49389Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). When stub_probe() fails after that, usb_put_dev() needs to be called to release the reference. Fix this by moving
- CVE-2022-49385Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, which caused a UAF. To fix it, we need to delete it from the
- CVE-2022-49382Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: soc: rockchip: Fix refcount leak in rockchip_grf_init of_find_matching_node_and_match returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to
- CVE-2022-49376Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sd_probe() sees an early error before sdkp->device is initialized, sd_zbc_release_disk() is called. This causes a NULL pointer dereference when sd_is_zoned()
- CVE-2022-49375Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
- CVE-2022-49373Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in some e
- CVE-2022-49371Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedule_dev(__device_attach_asy
- CVE-2022-49370Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add() If this function returns an error,
Page 22 of 74