rpm package
suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49015 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netif_rx() which may free it, after calling this, dereferencing skb may trigger use-after-free. | ||
| CVE-2022-49014 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like below: ================================================================== BUG: KASA | ||
| CVE-2022-49011 | — | < 5.3.18-150300.59.185.1 | 5.3.18-150300.59.185.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decremen | ||
| CVE-2022-49010 | — | < 5.3.18-150300.59.185.1 | 5.3.18-150300.59.185.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is already NULL and has been kfreed. Don't pass that to sysfs_remove_group() as that | ||
| CVE-2022-49006 | — | < 5.3.18-150300.59.185.1 | 5.3.18-150300.59.185.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available (not currently | ||
| CVE-2022-49003 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_head_submit_bio() but not nvme_mpath_revalidate_paths(). Removing namespaces from | ||
| CVE-2022-48999 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fib_nh_match: fib_nh_match+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fib_ | ||
| CVE-2022-48991 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs (like KVM) don't keep accessing pages which are | ||
| CVE-2022-48988 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: memcg: fix possible use-after-free in memcg_write_event_control() memcg_write_event_control() accesses the dentry->d_name of the specified control fd to route the write call. As a cgroup interface file can't b | ||
| CVE-2022-48985 | — | < 5.3.18-150300.59.185.1 | 5.3.18-150300.59.185.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi work_done After calling napi_complete_done(), the NAPIF_STATE_SCHED bit may be cleared, and another CPU can start napi thread and access per-CQ variable, cq->work_don | ||
| CVE-2022-48970 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Get user_ns from in_skb in unix_diag_get_exact(). Wei Chen reported a NULL deref in sk_user_ns() [0][1], and Paolo diagnosed the root cause: in unix_diag_get_exact(), the newly allocated skb does not h | ||
| CVE-2022-48967 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nf | ||
| CVE-2022-48962 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. | ||
| CVE-2022-48960 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. | ||
| CVE-2022-48956 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use | ||
| CVE-2022-48947 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this | ||
| CVE-2024-50047 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt | ||
| CVE-2024-49991 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set | ||
| CVE-2024-49982 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of d | ||
| CVE-2024-49974 | — | < 5.3.18-150300.59.182.2 | 5.3.18-150300.59.182.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit |
- CVE-2022-49015Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netif_rx() which may free it, after calling this, dereferencing skb may trigger use-after-free.
- CVE-2022-49014Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like below: ================================================================== BUG: KASA
- CVE-2022-49011Oct 21, 2024affected < 5.3.18-150300.59.185.1fixed 5.3.18-150300.59.185.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decremen
- CVE-2022-49010Oct 21, 2024affected < 5.3.18-150300.59.185.1fixed 5.3.18-150300.59.185.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is already NULL and has been kfreed. Don't pass that to sysfs_remove_group() as that
- CVE-2022-49006Oct 21, 2024affected < 5.3.18-150300.59.185.1fixed 5.3.18-150300.59.185.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available (not currently
- CVE-2022-49003Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_head_submit_bio() but not nvme_mpath_revalidate_paths(). Removing namespaces from
- CVE-2022-48999Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fib_nh_match: fib_nh_match+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fib_
- CVE-2022-48991Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs (like KVM) don't keep accessing pages which are
- CVE-2022-48988Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: memcg: fix possible use-after-free in memcg_write_event_control() memcg_write_event_control() accesses the dentry->d_name of the specified control fd to route the write call. As a cgroup interface file can't b
- CVE-2022-48985Oct 21, 2024affected < 5.3.18-150300.59.185.1fixed 5.3.18-150300.59.185.1
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi work_done After calling napi_complete_done(), the NAPIF_STATE_SCHED bit may be cleared, and another CPU can start napi thread and access per-CQ variable, cq->work_don
- CVE-2022-48970Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: af_unix: Get user_ns from in_skb in unix_diag_get_exact(). Wei Chen reported a NULL deref in sk_user_ns() [0][1], and Paolo diagnosed the root cause: in unix_diag_get_exact(), the newly allocated skb does not h
- CVE-2022-48967Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nf
- CVE-2022-48962Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
- CVE-2022-48960Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
- CVE-2022-48956Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use
- CVE-2022-48947Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this
- CVE-2024-50047Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt
- CVE-2024-49991Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set
- CVE-2024-49982Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of d
- CVE-2024-49974Oct 21, 2024affected < 5.3.18-150300.59.182.2fixed 5.3.18-150300.59.182.2
In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimit
Page 32 of 74