rpm package
suse/kernel-livepatch-SLE15-SP3_Update_56&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_56&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (265)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49700 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't up | ||
| CVE-2022-49693 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add mi | ||
| CVE-2022-49687 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcw | ||
| CVE-2022-49685 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after- | ||
| CVE-2022-49678 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missin | ||
| CVE-2022-49674 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the nu | ||
| CVE-2022-49673 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We | ||
| CVE-2022-49671 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind. | ||
| CVE-2022-49670 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdma_dim_stats_compare() when prev->cpe_ratio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880 | ||
| CVE-2022-49661 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_open/close(): fix memory leak The gs_usb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usb_alloc_coherent() to allocate a number of USB re | ||
| CVE-2022-49657 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer | ||
| CVE-2022-49652 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_no | ||
| CVE-2022-49649 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue xenvif_rx_next_skb() is expecting the rx queue not being empty, but in case the loop in xenvif_rx_action() is doing multiple iterations, t | ||
| CVE-2022-49648 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 ("tracing: fix double free") said, the "double free" problem reported by clang s | ||
| CVE-2022-49647 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and | ||
| CVE-2022-49646 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for broadcast packets, using the BE queue. Allowing non-BE queue marking violates t | ||
| CVE-2022-49645 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix shrinker list corruption by madvise IOCTL Calling madvise IOCTL twice on BO causes memory shrinker list corruption and crashes kernel because BO is already on the list and it's added to the li | ||
| CVE-2022-49644 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() If drm_connector_init fails, intel_connector_free will be called to take care of proper free. So it is necessary to drop the refcount of po | ||
| CVE-2022-49643 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be negative, which may cause the integer overflow problem. | ||
| CVE-2022-49641 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in proc_douintvec(). A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tea |
- CVE-2022-49700Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't up
- CVE-2022-49693Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add mi
- CVE-2022-49687Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcw
- CVE-2022-49685Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-
- CVE-2022-49678Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missin
- CVE-2022-49674Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the nu
- CVE-2022-49673Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We
- CVE-2022-49671Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix memory leak in ib_cm_insert_listen cm_alloc_id_priv() allocates resource for the cm_id_priv. When cm_init_listen() fails it doesn't free it, leading to memory leak. Add the missing error unwind.
- CVE-2022-49670Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdma_dim_stats_compare() when prev->cpe_ratio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880
- CVE-2022-49661Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_open/close(): fix memory leak The gs_usb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usb_alloc_coherent() to allocate a number of USB re
- CVE-2022-49657Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer
- CVE-2022-49652Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_no
- CVE-2022-49649Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue xenvif_rx_next_skb() is expecting the rx queue not being empty, but in case the loop in xenvif_rx_action() is doing multiple iterations, t
- CVE-2022-49648Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 ("tracing: fix double free") said, the "double free" problem reported by clang s
- CVE-2022-49647Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and
- CVE-2022-49646Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for broadcast packets, using the BE queue. Allowing non-BE queue marking violates t
- CVE-2022-49645Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix shrinker list corruption by madvise IOCTL Calling madvise IOCTL twice on BO causes memory shrinker list corruption and crashes kernel because BO is already on the list and it's added to the li
- CVE-2022-49644Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() If drm_connector_init fails, intel_connector_free will be called to take care of proper free. So it is necessary to drop the refcount of po
- CVE-2022-49643Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be negative, which may cause the integer overflow problem.
- CVE-2022-49641Feb 26, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in proc_douintvec(). A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tea
Page 3 of 14