VYPR

rpm package

suse/kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Vulnerabilities (1,483)

  • CVE-2022-50459Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. isc

  • CVE-2022-50458Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put()

  • CVE-2022-50454Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. On failures, ttm will call nouveau_bo_del_tt

  • CVE-2021-4460Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand

  • CVE-2023-53464Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-

  • CVE-2022-50444Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: clk: tegra20: Fix refcount leak in tegra20_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put()

  • CVE-2022-50440Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimens

  • CVE-2022-50437Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight b

  • CVE-2022-50435Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets truncated

  • CVE-2022-50432Oct 1, 2025
    affected < 5.3.18-150300.59.226.2fixed 5.3.18-150300.59.226.2

    In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in __kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns() for the same file resulting in a KASAN detected use-after-free. The race occurs when the

  • CVE-2022-50431Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() dev_set_name() in soundbus_add_one() allocates memory for name, it need be freed when of_device_register() fails, call soundbus_dev_put() to give

  • CVE-2022-50427Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() If device_register() fails in snd_ac97_dev_register(), it should call put_device() to give up reference, or the name allocated in dev_set_name() i

  • CVE-2022-50423Oct 1, 2025
    affected < 5.3.18-150300.59.226.2fixed 5.3.18-150300.59.226.2

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82 Read of size 1 at addr ffff8

  • CVE-2022-50422Oct 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() When executing SMP task failed, the smp_execute_task_sg() calls del_timer() to delete "slow_task->timer". However, if the timer handler sas_task_int

  • CVE-2023-53438Sep 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current AMD Zen-based systems do not guarantee a synchronous #MC is delivered for poison consumption errors. Ther

  • CVE-2022-50419Sep 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times device_add shall not be called multiple times as stated in its documentation: 'Do not call this routine or device_register() more than on

  • CVE-2022-50414Sep 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails fcoe_init() calls fcoe_transport_attach(&fcoe_sw_transport), but when fcoe_if_init() fails, &fcoe_sw_transport is not detached and leaves freed

  • CVE-2022-50412Sep 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cec_unregister_adapter() assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical ad

  • CVE-2022-50410Sep 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single arr

  • CVE-2022-50409Sep 18, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory Fixes the below NULL pointer dereference: [...] [ 14.471200] Call Trace: [ 14.471562] [ 14.471882] lock_acquire+0x

Page 3 of 75