rpm package
suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (383)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50629 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach(). | ||
| CVE-2022-50626 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is due to not accounting for and freeing current iteration's adapter->priv in case of | ||
| CVE-2022-50625 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1] documentation describes a generic UART interface. Such generic UART does not su | ||
| CVE-2022-50623 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size() to fix that. | ||
| CVE-2022-50622 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc, but 'state->fc_modified_inodes' already set | ||
| CVE-2022-50619 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, w | ||
| CVE-2022-50618 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. In | ||
| CVE-2022-50617 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 ("drm/amdgpu/powerplay/psm: return an error in power state init") made the power state init function return early in case of fai | ||
| CVE-2022-50615 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() pci_get_device() will increase the reference count for the returned pci_dev, so snr_uncore_get_mc_dev() will return a pci_dev with its re | ||
| CVE-2022-50614 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: [ 60.137988] ------ | ||
| CVE-2025-40280 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_mon_reinit_self(). syzbot reported use-after-free of tipc_net(net)->monitors[] in tipc_mon_reinit_self(). [0] The array is protected by RTNL, but tipc_mon_reinit_self() iterate | ||
| CVE-2025-40277 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds acc | ||
| CVE-2025-40258 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcp_schedule_work() syzbot reported use-after-free in mptcp_schedule_work() [1] Issue here is that mptcp_schedule_work() schedules a work, then gets a refcount on sk->sk_refcnt i | ||
| CVE-2025-40257 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcp_pm_del_add_timer() mptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, &entry->add_timer) while another might have free entry already, as reported by syzbot. Add RCU protection | ||
| CVE-2025-40256 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added In commit b441cf3f8c4b ("xfrm: delete x->tunnel as we delete x"), I missed the case where state creation fails between f | ||
| CVE-2025-40233 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This trigg | ||
| CVE-2025-40220 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: fuse: fix livelock in synchronous file put from fuseblk workers I observed a hang when running generic/323 against a fuseblk server. This test opens a file, initiates a lot of AIO writes to that file descriptor | ||
| CVE-2025-40215 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a | ||
| CVE-2025-40139 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Nov 12, 2025 | In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_ge | ||
| CVE-2025-40044 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m |
- CVE-2022-50629Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach().
- CVE-2022-50626Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is due to not accounting for and freeing current iteration's adapter->priv in case of
- CVE-2022-50625Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter "B Generic UART" in "ARM Server Base System Architecture" [1] documentation describes a generic UART interface. Such generic UART does not su
- CVE-2022-50623Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size() to fix that.
- CVE-2022-50622Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc, but 'state->fc_modified_inodes' already set
- CVE-2022-50619Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, w
- CVE-2022-50618Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. In
- CVE-2022-50617Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 ("drm/amdgpu/powerplay/psm: return an error in power state init") made the power state init function return early in case of fai
- CVE-2022-50615Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() pci_get_device() will increase the reference count for the returned pci_dev, so snr_uncore_get_mc_dev() will return a pci_dev with its re
- CVE-2022-50614Dec 8, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: [ 60.137988] ------
- CVE-2025-40280Dec 6, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_mon_reinit_self(). syzbot reported use-after-free of tipc_net(net)->monitors[] in tipc_mon_reinit_self(). [0] The array is protected by RTNL, but tipc_mon_reinit_self() iterate
- CVE-2025-40277Dec 6, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds acc
- CVE-2025-40258Dec 4, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcp_schedule_work() syzbot reported use-after-free in mptcp_schedule_work() [1] Issue here is that mptcp_schedule_work() schedules a work, then gets a refcount on sk->sk_refcnt i
- CVE-2025-40257Dec 4, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcp_pm_del_add_timer() mptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, &entry->add_timer) while another might have free entry already, as reported by syzbot. Add RCU protection
- CVE-2025-40256Dec 4, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added In commit b441cf3f8c4b ("xfrm: delete x->tunnel as we delete x"), I missed the case where state creation fails between f
- CVE-2025-40233Dec 4, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This trigg
- CVE-2025-40220Dec 4, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: fuse: fix livelock in synchronous file put from fuseblk workers I observed a hang when running generic/323 against a fuseblk server. This test opens a file, initiates a lot of AIO writes to that file descriptor
- CVE-2025-40215Dec 4, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: delete x->tunnel as we delete x The ipcomp fallback tunnels currently get deleted (from the various lists and hashtables) as the last user state that needed that fallback is destroyed (not deleted). If a
- CVE-2025-40139Nov 12, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_ge
- CVE-2025-40044Oct 28, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m
Page 17 of 20