VYPR

rpm package

suse/kernel-livepatch-SLE15-SP3_Update_59&distro=SUSE Linux Enterprise Live Patching 15 SP3

pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_59&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3

Vulnerabilities (136)

  • CVE-2022-50094Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions trace_spmi_write_begin() and trace_spmi_read_end() both call memcpy() with a length of "len + 1". This leads to one extra byte being read be

  • CVE-2022-50093Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/a

  • CVE-2022-50092Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size

  • CVE-2022-50091Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch

  • CVE-2022-50087Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it

  • CVE-2022-50085Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs

  • CVE-2022-50084Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/sto

  • CVE-2022-50072Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by t

  • CVE-2022-50067Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t

  • CVE-2022-50065Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new

  • CVE-2022-50061Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_

  • CVE-2022-50059Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwsem is held and the function is expected to release it before returning. It currently fails to do

  • CVE-2022-50051Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflo

  • CVE-2022-50045Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fix get_phb_number() locking The recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP warning on some systems: BUG: sleeping function called from invalid context at kernel/locking/mutex

  • CVE-2022-50038Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() In this function, there are two refcount leak bugs: (1) when breaking out of for_each_endpoint_of_node(), we need call the of_node_put() for

  • CVE-2022-50036Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when computing packet sizes Currently, the packet overhead is subtracted using unsigned arithmetic. With a short sync pulse, this could underflow and wrap around to near the ma

  • CVE-2022-50033Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-ppc-of: Fix refcount leak bug In ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore.

  • CVE-2022-50032Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: usb: renesas: Fix refcount leak bug In usbhs_rza1_hardware_init(), of_find_node_by_name() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore.

  • CVE-2022-50030Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, l

  • CVE-2022-50029Jun 18, 2025
    affected < 1-150300.7.3.1fixed 1-150300.7.3.1

    In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gcc_sleep_clk_src Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and try

Page 4 of 7