rpm package
suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (383)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50846 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I | ||
| CVE-2022-50845 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Ch | ||
| CVE-2022-50844 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function p | ||
| CVE-2022-50843 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clone_dtr() Dm_clone also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in clone_dtr(). | ||
| CVE-2022-50842 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent NULL dereference if userspace passes a VRAM BO. | ||
| CVE-2022-50840 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in s | ||
| CVE-2022-50839 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head | ||
| CVE-2022-50836 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() The kfree() should be called when of_irq_get_byname() fails or devm_request_threaded_irq() fails in qcom_add_sysmon_subdev(), otherwise there will | ||
| CVE-2022-50835 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fc_do_one_pass() In fc_do_one_pass() miss release buffer head after use which will lead to reference count leak. | ||
| CVE-2022-50834 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of | ||
| CVE-2022-50832 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add dev_kfree_skb() to fix it. Compile tested only. | ||
| CVE-2022-50830 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() hd44780_probe() allocates a memory chunk for hd with kzalloc() and makes "lcd->drvdata->hd44780" point to it. When we call hd44780_remove(), we | ||
| CVE-2022-50829 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free b | ||
| CVE-2022-50828 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy` "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string | ||
| CVE-2022-50827 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfc_create_port() Commit 5e633302ace1 ("scsi: lpfc: vmid: Add support for VMID in mailbox command") introduced allocations for the VMID resources in lpfc_create_port() after the | ||
| CVE-2022-50826 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() Calling v4l2_subdev_get_try_crop() and v4l2_subdev_get_try_compose() with a subdev state of NULL leads to a NULL pointer dereference. This | ||
| CVE-2022-50824 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure the table is there, not used after the init, so the acpi_put_table() should be adde | ||
| CVE-2022-50823 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() | ||
| CVE-2022-50822 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released. | ||
| CVE-2022-50821 | — | < 1-150400.9.7.1 | 1-150400.9.7.1 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails |
- CVE-2022-50846Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I
- CVE-2022-50845Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4_xattr_inode_create() on an error path There is issue as follows when do setxattr with inject fault: [localhost]# fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 (12-Sep-2022) Pass 1: Ch
- CVE-2022-50844Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function p
- CVE-2022-50843Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clone_dtr() Dm_clone also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in clone_dtr().
- CVE-2022-50842Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO. Add check for that to prevent NULL dereference if userspace passes a VRAM BO.
- CVE-2022-50840Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snic_tgt_create() Smatch reports a warning as follows: drivers/scsi/snic/snic_disc.c:307 snic_tgt_create() warn: '&tgt->list' not removed from list If device_add() fails in s
- CVE-2022-50839Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head
- CVE-2022-50836Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() The kfree() should be called when of_irq_get_byname() fails or devm_request_threaded_irq() fails in qcom_add_sysmon_subdev(), otherwise there will
- CVE-2022-50835Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fc_do_one_pass() In fc_do_one_pass() miss release buffer head after use which will lead to reference count leak.
- CVE-2022-50834Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of
- CVE-2022-50832Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add dev_kfree_skb() to fix it. Compile tested only.
- CVE-2022-50830Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() hd44780_probe() allocates a memory chunk for hd with kzalloc() and makes "lcd->drvdata->hd44780" point to it. When we call hd44780_remove(), we
- CVE-2022-50829Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free b
- CVE-2022-50828Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy` "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string
- CVE-2022-50827Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfc_create_port() Commit 5e633302ace1 ("scsi: lpfc: vmid: Add support for VMID in mailbox command") introduced allocations for the VMID resources in lpfc_create_port() after the
- CVE-2022-50826Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() Calling v4l2_subdev_get_try_crop() and v4l2_subdev_get_try_compose() with a subdev state of NULL leads to a NULL pointer dereference. This
- CVE-2022-50824Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure the table is there, not used after the init, so the acpi_put_table() should be adde
- CVE-2022-50823Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put()
- CVE-2022-50822Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released.
- CVE-2022-50821Dec 30, 2025affected < 1-150400.9.7.1fixed 1-150400.9.7.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
Page 6 of 20