rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49100 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an init | |
| CVE-2022-49098 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as modul | |
| CVE-2022-49095 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add th | |
| CVE-2022-49091 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/imx: Fix memory leak in imx_pd_connector_get_modes Avoid leaking the display mode variable if of_get_drm_display_mode fails. Addresses-Coverity-ID: 1443943 ("Resource leak") | |
| CVE-2022-49085 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in get_initial_state In get_initial_state, it calls notify_initial_state_done(skb,..) if cb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(), the skb will b | |
| CVE-2022-49083 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants: __iommu | |
| CVE-2022-49082 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees the port field of the sas_expander structure, leadin | |
| CVE-2022-49080 | Med | 5.5 | < 5.3.18-150300.59.198.1 | 5.3.18-150300.59.198.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized | |
| CVE-2022-49078 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corn | |
| CVE-2022-49076 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may represent the last reference held on the task mm. hfi1_mmu_rb_unregister() then drops the l | |
| CVE-2022-49073 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ata: sata_dwc_460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATA_TAG_INTERNAL to 32, the value of the SATA_DWC_QCMD_MAX need | |
| CVE-2022-49065 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be | |
| CVE-2022-49063 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots triggered the following splat: [ 718.203054] BUG: KASAN: use-after-free in free_irq_cpu_rmap+0x53/0x80 [ 718.206349] Read of size 4 | |
| CVE-2022-49059 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed m | |
| CVE-2022-49058 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max) It's caused be | |
| CVE-2022-49055 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmalloc_array() As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference. Therefore, it is better to check the re | |
| CVE-2022-49053 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th | |
| CVE-2022-49051 | Med | 6.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The metadata | |
| CVE-2022-49044 | Hig | 7.8 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tag_size is less than digest size It is possible to set up dm-integrity in such a way that the "tag_size" parameter is less than the actual digest size. In this situatio | |
| CVE-2021-47659 | Med | 5.5 | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for format_count earlier While the check for format_count > 64 in __drm_universal_plane_init() shouldn't be hit (it's a WARN_ON), in its current position it will then leak the plane- |
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an init
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as modul
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add th
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drm/imx: Fix memory leak in imx_pd_connector_get_modes Avoid leaking the display mode variable if of_get_drm_display_mode fails. Addresses-Coverity-ID: 1443943 ("Resource leak")
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in get_initial_state In get_initial_state, it calls notify_initial_state_done(skb,..) if cb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(), the skb will b
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants: __iommu
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees the port field of the sas_expander structure, leadin
- affected < 5.3.18-150300.59.198.1fixed 5.3.18-150300.59.198.1
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corn
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may represent the last reference held on the task mm. hfi1_mmu_rb_unregister() then drops the l
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: ata: sata_dwc_460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATA_TAG_INTERNAL to 32, the value of the SATA_DWC_QCMD_MAX need
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots triggered the following splat: [ 718.203054] BUG: KASAN: use-after-free in free_irq_cpu_rmap+0x53/0x80 [ 718.206349] Read of size 4
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed m
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max) It's caused be
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmalloc_array() As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference. Therefore, it is better to check the re
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not take refcount properly and just returns page pointer. When tcmu_try_get_data_page() returns, th
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The metadata
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tag_size is less than digest size It is possible to set up dm-integrity in such a way that the "tag_size" parameter is less than the actual digest size. In this situatio
- affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for format_count earlier While the check for format_count > 64 in __drm_universal_plane_init() shouldn't be hit (it's a WARN_ON), in its current position it will then leak the plane-
Page 27 of 74