rpm package
suse/kernel-livepatch-SLE15-SP4_Update_38&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_38&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (486)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49704 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: 9p: fix fid refcount leak in v9fs_vfs_get_link we check for protocol version later than required, after a fid has been obtained. Just move the version check earlier. | ||
| CVE-2022-49703 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue i | ||
| CVE-2022-49701 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Allocate/free queue resource only during probe/remove Currently, the sub-queues and event pool resources are allocated/freed for every CRQ connection event such as reset and LPM. This exposes the | ||
| CVE-2022-49700 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't up | ||
| CVE-2022-49699 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemap_get_read_batch() If a read races with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If that happens, | ||
| CVE-2022-49695 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: fix a use-after-free issue in igb_clean_tx_ring Fix the following use-after-free bug in igb_clean_tx_ring routine when the NIC is running in XDP mode. The issue can be triggered redirecting traffic into th | ||
| CVE-2022-49693 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add mi | ||
| CVE-2022-49688 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to acc | ||
| CVE-2022-49687 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcw | ||
| CVE-2022-49685 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after- | ||
| CVE-2022-49683 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of | ||
| CVE-2022-49680 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: exynos: Fix refcount leak in exynos_map_pmu of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to a | ||
| CVE-2022-49679 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: Fix refcount leak in axxia_boot_secondary of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcoun | ||
| CVE-2022-49678 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missin | ||
| CVE-2022-49677 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxx_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcou | ||
| CVE-2022-49676 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. This funct | ||
| CVE-2022-49675 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-annotated tick_nohz_full_setup() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols a | ||
| CVE-2022-49674 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the nu | ||
| CVE-2022-49673 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We | ||
| CVE-2022-49672 | — | < 1-150400.9.3.1 | 1-150400.9.3.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tun_file which can get destroyed before the netdev so we have to del them expli |
- CVE-2022-49704Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: 9p: fix fid refcount leak in v9fs_vfs_get_link we check for protocol version later than required, after a fid has been obtained. Just move the version check earlier.
- CVE-2022-49703Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue i
- CVE-2022-49701Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Allocate/free queue resource only during probe/remove Currently, the sub-queues and event pool resources are allocated/freed for every CRQ connection event such as reset and LPM. This exposes the
- CVE-2022-49700Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slab_alloc_node() assumes that c->slab is stable as long as the TID stays the same. However, two places in __slab_alloc() currently don't up
- CVE-2022-49699Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemap_get_read_batch() If a read races with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If that happens,
- CVE-2022-49695Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: igb: fix a use-after-free issue in igb_clean_tx_ring Fix the following use-after-free bug in igb_clean_tx_ring routine when the NIC is running in XDP mode. The issue can be triggered redirecting traffic into th
- CVE-2022-49693Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add mi
- CVE-2022-49688Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afs_getattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to acc
- CVE-2022-49687Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix xdp_rxq_info bug after suspend/resume The following sequence currently causes a driver bug warning when using virtio_net: # ip link set eth0 up # echo mem > /sys/power/state (or e.g. # rtcw
- CVE-2022-49685Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irq_work has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-
- CVE-2022-49683Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of
- CVE-2022-49680Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: ARM: exynos: Fix refcount leak in exynos_map_pmu of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to a
- CVE-2022-49679Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: ARM: Fix refcount leak in axxia_boot_secondary of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcoun
- CVE-2022-49678Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missin
- CVE-2022-49677Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: ARM: cns3xxx: Fix refcount leak in cns3xxx_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcou
- CVE-2022-49676Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. This funct
- CVE-2022-49675Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-annotated tick_nohz_full_setup() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols a
- CVE-2022-49674Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load (using raid_ctr), dm-raid allocates an array rs->devs[rs->raid_disks] for the raid device members. rs->raid_disks is defined by the nu
- CVE-2022-49673Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite. The warning happens in the test lvconvert-raid-reshape-linear_to_raid6-single-type.sh. We
- CVE-2022-49672Feb 26, 2025affected < 1-150400.9.3.1fixed 1-150400.9.3.1
In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tun_file which can get destroyed before the netdev so we have to del them expli
Page 3 of 25