rpm package
suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE Linux Enterprise Live Patching 15 SP5
pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5
Vulnerabilities (472)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48968 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential memory leak in otx2_init_tc() In otx2_init_tc(), if rhashtable_init() failed, it does not free tc->tc_entries_bitmap which is allocated in otx2_tc_alloc_ent_bitmap(). | ||
| CVE-2022-48967 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nf | ||
| CVE-2022-48966 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvneta_config_rss() The pp->indir[0] value comes from the user. It is passed to: if (cpu_online(pp->rxq_def)) inside the mvneta_percpu_elect() function. It needs | ||
| CVE-2022-48962 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. | ||
| CVE-2022-48961 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leak while probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2 | ||
| CVE-2022-48960 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free. | ||
| CVE-2022-48959 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released. | ||
| CVE-2022-48958 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in greth_init_rings() The greth_init_rings() function won't free the newly allocated skb when dma_mapping_error() returns error, so add dev_kfree_skb() to fix it. Com | ||
| CVE-2022-48957 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() The cmd_buff needs to be freed when error happened in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_re | ||
| CVE-2022-48956 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use | ||
| CVE-2022-48955 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnet_open() When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in tb_xdomain_alloc_out_hopid() is not released. Add tb_xdomain_release_out_hopid() to the er | ||
| CVE-2022-48954 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2dev_event_work was freed. ================================================================== BUG: KASAN: use-after-free in | ||
| CVE-2022-48953 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpi_install_fixed_event_handler() enables the event automatically on success, it is incorrect to call it before the handler routine passed to it | ||
| CVE-2022-48951 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values | ||
| CVE-2022-48949 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that in | ||
| CVE-2022-48948 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT t | ||
| CVE-2022-48947 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this | ||
| CVE-2022-48946 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix preallocation discarding at indirect extent boundary When preallocation extent is the first one in the extent block, the code would corrupt extent tree header instead. Fix the problem and use udf_delet | ||
| CVE-2024-50063 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If pro | ||
| CVE-2024-50062 | — | < 1-150500.11.5.1 | 1-150500.11.5.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all its connections, the information |
- CVE-2022-48968Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential memory leak in otx2_init_tc() In otx2_init_tc(), if rhashtable_init() failed, it does not free tc->tc_entries_bitmap which is allocated in otx2_tc_alloc_ent_bitmap().
- CVE-2022-48967Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nf
- CVE-2022-48966Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvneta_config_rss() The pp->indir[0] value comes from the user. It is passed to: if (cpu_online(pp->rxq_def)) inside the mvneta_percpu_elect() function. It needs
- CVE-2022-48962Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
- CVE-2022-48961Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leak while probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2
- CVE-2022-48960Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free.
- CVE-2022-48959Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() When dsa_devlink_region_create failed in sja1105_setup_devlink_regions(), priv->regions is not released.
- CVE-2022-48958Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in greth_init_rings() The greth_init_rings() function won't free the newly allocated skb when dma_mapping_error() returns error, so add dev_kfree_skb() to fix it. Com
- CVE-2022-48957Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() The cmd_buff needs to be freed when error happened in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_re
- CVE-2022-48956Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use
- CVE-2022-48955Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnet_open() When tb_ring_alloc_rx() failed in tbnet_open(), ida that allocated in tb_xdomain_alloc_out_hopid() is not released. Add tb_xdomain_release_out_hopid() to the er
- CVE-2022-48954Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2dev_event_work was freed. ================================================================== BUG: KASAN: use-after-free in
- CVE-2022-48953Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpi_install_fixed_event_handler() enables the event automatically on success, it is incorrect to call it before the handler routine passed to it
- CVE-2022-48951Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values
- CVE-2022-48949Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that in
- CVE-2022-48948Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Prevent buffer overflow in setup handler Setup function uvc_function_setup permits control transfer requests with up to 64 bytes of payload (UVC_MAX_REQUEST_SIZE), data stage handler for OUT t
- CVE-2022-48947Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAP_CONF_REQ packets, chan->num_conf_rsp increases multiple times and eventually it will wrap around the maximum number (i.e., 255). This patch prevents this
- CVE-2022-48946Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix preallocation discarding at indirect extent boundary When preallocation extent is the first one in the extent block, the code would corrupt extent tree header instead. Fix the problem and use udf_delet
- CVE-2024-50063Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If pro
- CVE-2024-50062Oct 21, 2024affected < 1-150500.11.5.1fixed 1-150500.11.5.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all its connections, the information
Page 11 of 24