rpm package
suse/kernel-livepatch-SLE15-SP3_Update_59&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_59&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (136)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50149 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in __driver_attach In __driver_attach function, There are also AA deadlock problem, like the commit b232b02bf3c2 ("driver core: fix deadlock in __device_attach"). stack like | ||
| CVE-2022-50146 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors If dw_pcie_ep_init() fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be | ||
| CVE-2022-50143 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq_vectors()' must be called as already done in the remove function. | ||
| CVE-2022-50142 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: intel_th: msu: Fix vmalloced buffers After commit f5ff79fddf0e ("dma-mapping: remove CONFIG_DMA_REMAP") there's a chance of DMA buffer getting allocated via vmalloc(), which messes up the mmapping code: > RIP: | ||
| CVE-2022-50141 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missi | ||
| CVE-2022-50140 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corr | ||
| CVE-2022-50138 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" with init_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, "mr" is rel | ||
| CVE-2022-50136 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IW_CM_EVENT_CONNECT_REPLY | ||
| CVE-2022-50127 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req(). If an | ||
| CVE-2022-50126 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_data == NULL' in jbd2_journal_dirty_metadata(): jbd2_journal_ | ||
| CVE-2022-50124 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod | ||
| CVE-2022-50118 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable commit 2c9ac51b850d ("powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC | ||
| CVE-2022-50109 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfb_of_init_display(), we should call of_node_put() for the references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() which | ||
| CVE-2022-50108 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: mfd: max77620: Fix refcount leak in max77620_initialise_fps of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_ | ||
| CVE-2022-50104 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refc | ||
| CVE-2022-50102 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug i | ||
| CVE-2022-50101 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the v | ||
| CVE-2022-50099 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value o | ||
| CVE-2022-50098 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen | ||
| CVE-2022-50097 | — | < 1-150300.7.3.1 | 1-150300.7.3.1 | Jun 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of |
- CVE-2022-50149Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in __driver_attach In __driver_attach function, There are also AA deadlock problem, like the commit b232b02bf3c2 ("driver core: fix deadlock in __device_attach"). stack like
- CVE-2022-50146Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors If dw_pcie_ep_init() fails to perform any action after the EPC memory is initialized and the MSI memory region is allocated, the latter parts won't be
- CVE-2022-50143Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: intel_th: Fix a resource leak in an error handling path If an error occurs after calling 'pci_alloc_irq_vectors()', 'pci_free_irq_vectors()' must be called as already done in the remove function.
- CVE-2022-50142Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: intel_th: msu: Fix vmalloced buffers After commit f5ff79fddf0e ("dma-mapping: remove CONFIG_DMA_REMAP") there's a chance of DMA buffer getting allocated via vmalloc(), which messes up the mmapping code: > RIP:
- CVE-2022-50141Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missi
- CVE-2022-50140Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: memstick/ms_block: Fix a memory leak 'erased_blocks_bitmap' is never freed. As it is allocated at the same time as 'used_blocks_bitmap', it is likely that it should be freed also at the same time. Add the corr
- CVE-2022-50138Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() __qedr_alloc_mr() allocates a memory chunk for "mr->info.pbl_table" with init_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, "mr" is rel
- CVE-2022-50136Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IW_CM_EVENT_CONNECT_REPLY
- CVE-2022-50127Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like the spin locks are not setup until rxe_qp_init_req(). If an
- CVE-2022-50126Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted Following process will fail assertion 'jh->b_frozen_data == NULL' in jbd2_journal_dirty_metadata(): jbd2_journal_
- CVE-2022-50124Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_nod
- CVE-2022-50118Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable commit 2c9ac51b850d ("powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC
- CVE-2022-50109Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfb_of_init_display(), we should call of_node_put() for the references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() which
- CVE-2022-50108Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: mfd: max77620: Fix refcount leak in max77620_initialise_fps of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_
- CVE-2022-50104Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refc
- CVE-2022-50102Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug i
- CVE-2022-50101Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the v
- CVE-2022-50099Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value o
- CVE-2022-50098Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen
- CVE-2022-50097Jun 18, 2025affected < 1-150300.7.3.1fixed 1-150300.7.3.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of
Page 3 of 7