VYPR

rpm package

suse/kernel-livepatch-SLE15-SP5_Update_28&distro=SUSE Linux Enterprise Live Patching 15 SP5

pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_28&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5

Vulnerabilities (281)

  • CVE-2022-50010Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740_calc_vclk() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug. If the

  • CVE-2022-50008Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarm_kprobe() for disabled kprobes The assumption in __disable_kprobe() is wrong, and it could try to disarm an already disarmed kprobe and fire the WARN_ONCE() below. [0] We can easily r

  • CVE-2022-50006Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with __nfs42_ssc_open A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If alloc_file_pseudo() has failed, we need to

  • CVE-2022-50005Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout When the pn532 uart device is detaching, the pn532_uart_remove() is called. But there are no functions in pn532_uart_remove() that could delete th

  • CVE-2022-50003Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly

  • CVE-2022-50002Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY Only set MLX5_LAG_FLAG_NDEVS_READY if both netdevices are registered. Doing so guarantees that both ldev->pf[MLX5_LAG_P0].dev and ldev->pf[MLX5_LAG_P1].de

  • CVE-2022-49999Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing space_cache v2 on a large set of machines, we encountered a few symptoms: 1. "unable to add free space :-17" (EEXIST) errors. 2.

  • CVE-2022-49995Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: writeback: avoid use-after-free after removing device When a disk is removed, bdi_unregister gets called to stop further writeback and wait for associated delayed work to complete. However, wb_inode_writeback_

  • CVE-2022-49993Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loop_config is passed (see lo_ioctl()'s case on line 1550 of drivers/block

  • CVE-2022-49990Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork() failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the thread_struct of the associated task. These pointers are in

  • CVE-2022-49989Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix error exit of privcmd_ioctl_dm_op() The error exit of privcmd_ioctl_dm_op() is calling unlock_pages() potentially with pages being NULL, leading to a NULL dereference. Additionally lock_pages(

  • CVE-2022-49987Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: md: call __md_stop_writes in md_stop From the link [1], we can see raid1d was running even after the path raid_dtr -> md_stop -> __md_stop. Let's stop write first in destructor to align with normal md-raid to

  • CVE-2022-49986Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq storvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it doesn't need to make forward progress under memory pressure. Marking this work

  • CVE-2022-49985Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-

  • CVE-2022-49984Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report It is possible for a malicious device to forgo submitting a Feature Report. The HID Steam driver presently makes no prevision for this a

  • CVE-2022-49983Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device (v2) If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here:

  • CVE-2022-49982Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvr_probe The error handling code in pvr2_hdw_create forgets to unregister the v4l2 device. When pvr2_hdw_create returns back to pvr2_context_create, it calls pvr2_context_des

  • CVE-2022-49981Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidraw_release() Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 (size 32): comm "softirq", pid 0, jiffies 42

  • CVE-2022-49980Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usb_udc_uevent() The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug: --------------------------

  • CVE-2022-49978Jun 18, 2025
    affected < 1-150500.11.3.1fixed 1-150500.11.3.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: fb_pm2fb: Avoid potential divide by zero error In `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be copied from user, then go through `fb_set_var()` and `info->fbops->fb_check_var()`

Page 10 of 15