VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (472)

  • CVE-2022-49021Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe() failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 Oops: 0000 [#1] PRE

  • CVE-2022-49020Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9_socket_open Both p9_fd_create_tcp() and p9_fd_create_unix() will call p9_socket_open(). If the creation of p9_trans_fd fails, p9_fd_create_tcp() and p9_fd_create_unix()

  • CVE-2022-49019Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: nixge: fix NULL dereference In function nixge_hw_dma_bd_release() dereference of NULL pointer priv->rx_bd_v is possible for the case of its allocation failure in nixge_hw_dma_bd_init(). Move for

  • CVE-2022-49017Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: re-fetch skb cb after tipc_msg_validate As the call trace shows, the original skb was freed in tipc_msg_validate(), and dereferencing the old skb cb would cause an use-after-free crash. BUG: KASAN: use

  • CVE-2022-49016Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I got the following report while doing device(mscc-miim) load test with CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC enabled: OF: ERROR: memory leak, expected re

  • CVE-2022-49015Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netif_rx() which may free it, after calling this, dereferencing skb may trigger use-after-free.

  • CVE-2022-49014Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported use-after-free in tun_detach() [1]. This causes call trace like below: ================================================================== BUG: KASA

  • CVE-2022-49012Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: afs: Fix server->active leak in afs_put_server The atomic_read was accidentally replaced with atomic_inc_return, which prevents the server from getting cleaned up and causes rmmod to hang with a warning: C

  • CVE-2022-49011Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decremen

  • CVE-2022-49010Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Check for null before removing sysfs attrs If coretemp_add_core() gets an error then pdata->core_data[indx] is already NULL and has been kfreed. Don't pass that to sysfs_remove_group() as that

  • CVE-2022-49007Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() Syzbot reported a null-ptr-deref bug: NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds

  • CVE-2022-49006Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available (not currently

  • CVE-2022-49005Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fix bounds check for _sx controls For _sx controls the semantics of the max field is not the usual one, max is the number of steps rather than the maximum value. This means that our check in snd_soc_

  • CVE-2022-49003Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_head_submit_bio() but not nvme_mpath_revalidate_paths(). Removing namespaces from

  • CVE-2022-49002Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the re

  • CVE-2022-49000Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci() for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the retur

  • CVE-2022-48999Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fib_nh_match: fib_nh_match+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fib_

  • CVE-2022-48997Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpm_pm_suspend with locks Currently tpm transactions are executed unconditionally in tpm_pm_suspend() function, which may lead to races with other tpm accessors in the system. Specifically,

  • CVE-2022-48995Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send() There is a kmemleak when test the raydium_i2c_ts with bpf mock device: unreferenced object 0xffff88812d3675a0 (size 8): comm "python3", pid 3

  • CVE-2022-48994Oct 21, 2024
    affected < 1-150500.11.5.1fixed 1-150500.11.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function poin

Page 9 of 24