rpm package
suse/kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Vulnerabilities (2,843)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49478 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then | ||
| CVE-2022-49477 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it do | ||
| CVE-2022-49475 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. | ||
| CVE-2022-49474 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created | ||
| CVE-2022-49473 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_pu | ||
| CVE-2022-49472 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .prob | ||
| CVE-2022-49468 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/core: Fix memory leak in __thermal_cooling_device_register() I got memory leak as follows when doing fault injection test: unreferenced object 0xffff888010080000 (size 264312): comm "182", pid 102533 | ||
| CVE-2022-49467 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo needs to be put when msm_gem_get_and_pin_iova fails. | ||
| CVE-2022-49466 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoi | ||
| CVE-2022-49465 | — | < 5.14.21-150400.24.161.1 | 5.14.21-150400.24.161.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s | ||
| CVE-2022-49463 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_nod | ||
| CVE-2022-49462 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to | ||
| CVE-2022-49460 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 | ||
| CVE-2022-49459 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing. | ||
| CVE-2022-49455 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree() | ||
| CVE-2022-49453 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better | ||
| CVE-2022-49451 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is curre | ||
| CVE-2022-49449 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resou | ||
| CVE-2022-49448 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for NULL return of devm_kzalloc() As the potential failure of allocation, devm_kzalloc() may return NULL. Then the 'pd->pmb' and the follow lines of code may bring null pointer dereference. Th | ||
| CVE-2022-49447 | — | < 5.14.21-150400.24.158.1 | 5.14.21-150400.24.158.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing of_node_put after of_find_compatible_node of_find_compatible_node will increment the refcount of the returned device_node. Calling of_node_put() to avoid the refcount leak |
- CVE-2022-49478Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then
- CVE-2022-49477Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it do
- CVE-2022-49475Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value.
- CVE-2022-49474Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created
- CVE-2022-49473Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_pu
- CVE-2022-49472Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .prob
- CVE-2022-49468Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: thermal/core: Fix memory leak in __thermal_cooling_device_register() I got memory leak as follows when doing fault injection test: unreferenced object 0xffff888010080000 (size 264312): comm "182", pid 102533
- CVE-2022-49467Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo needs to be put when msm_gem_get_and_pin_iova fails.
- CVE-2022-49466Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoi
- CVE-2022-49465Feb 26, 2025affected < 5.14.21-150400.24.161.1fixed 5.14.21-150400.24.161.1
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s
- CVE-2022-49463Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_nod
- CVE-2022-49462Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to
- CVE-2022-49460Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2
- CVE-2022-49459Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing.
- CVE-2022-49455Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree()
- CVE-2022-49453Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc The allocation funciton devm_kcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better
- CVE-2022-49451Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is curre
- CVE-2022-49449Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resou
- CVE-2022-49448Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for NULL return of devm_kzalloc() As the potential failure of allocation, devm_kzalloc() may return NULL. Then the 'pd->pmb' and the follow lines of code may bring null pointer dereference. Th
- CVE-2022-49447Feb 26, 2025affected < 5.14.21-150400.24.158.1fixed 5.14.21-150400.24.158.1
In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing of_node_put after of_find_compatible_node of_find_compatible_node will increment the refcount of the returned device_node. Calling of_node_put() to avoid the refcount leak
Page 74 of 143