suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5

Vulnerabilities (2,310)

• CVE-2022-49236Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btf_try_get_module and load_module While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the

• CVE-2022-49235Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix uninit value bugs Syzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing field initialization. In htc_connect_service() svc_meta_len and pad are not initialized. Based on code

• CVE-2022-49233Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Call dc_stream_release for remove link enc assignment [Why] A porting error resulted in the stream assignment for the link being retained without being released - a memory leak. [How] Fix the

• CVE-2022-49232Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() In amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode() is assigned to mode and is passed to drm_mode_

• CVE-2022-49230Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible memory leak in mt7915_mcu_add_sta Free allocated skb in mt7915_mcu_add_sta routine in case of failures.

• CVE-2022-49228Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decl_tag bug when tagging a function syzbot reported a btf decl_tag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEM

• CVE-2022-49227Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtool -G eth0 rx 1024 on igc triggers kernel warnings like this: [ 225.198467] ---

• CVE-2022-49226Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asix_read_cmd() reads less bytes, than was requested by caller. Since al

• CVE-2022-49225Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921s: fix a possible memory leak in mt7921_load_patch Always release fw data at the end of mt7921_load_patch routine.

• CVE-2022-49224Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add()： If this function returns an error, k

• CVE-2022-49222Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fix overflow issue on reading EDID The length of EDID block can be longer than 256 bytes, so we should use `int` instead of `u8` for the `edid_pos` variable.

• CVE-2022-49221Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: populate connector of struct dp_panel DP CTS test case 4.2.2.6 has valid edid with bad checksum on purpose and expect DP source return correct checksum. During drm edid read, correct edid checksum i

• CVE-2022-49219Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix memory leak during D3hot to D0 transition If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device does not have No_Soft_Reset bit set in its PMCSR config register), then the current PCI sta

• CVE-2022-49218Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The link_status array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read, f

• CVE-2022-49217Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xx_send_abort_all(), the n_elem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seein

• CVE-2022-49216Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe The reference taken by 'of_find_device_by_node()' must be released when not needed anymore. Add put_device() call to fix this.

• CVE-2022-49215Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xsk_unbind_dev() starts by setting xs->state to XSK_

• CVE-2022-49214Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 ("powerpc/mm: Show if a bad page fault on data is read or write.") we use page_fault_is_write(regs->dsisr) in __bad_page_fault() to determin

• CVE-2022-49213Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10k_setup_msa_resources The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only cal

• CVE-2022-49212Feb 26, 2025
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init The reference counting issue happens in several error handling paths on a refcounted object "nc->dmac". In these paths, the function simply