VYPR

rpm package

suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.2

pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Vulnerabilities (1,678)

  • CVE-2022-50099Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value o

  • CVE-2022-50098Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen

  • CVE-2022-50097Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of

  • CVE-2022-50094Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions trace_spmi_write_begin() and trace_spmi_read_end() both call memcpy() with a length of "len + 1". This leads to one extra byte being read be

  • CVE-2022-50093Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/a

  • CVE-2022-50092Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size

  • CVE-2022-50091Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch

  • CVE-2022-50087Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it

  • CVE-2022-50085Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs

  • CVE-2022-50084Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/sto

  • CVE-2022-50072Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by t

  • CVE-2022-50067Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t

  • CVE-2022-50065Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new

  • CVE-2022-50061Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_

  • CVE-2022-50059Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snap_rwsem in handle_cap_grant When handle_cap_grant is called on an IMPORT op, then the snap_rwsem is held and the function is expected to release it before returning. It currently fails to do

  • CVE-2022-50051Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflo

  • CVE-2022-50045Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fix get_phb_number() locking The recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP warning on some systems: BUG: sleeping function called from invalid context at kernel/locking/mutex

  • CVE-2022-50038Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() In this function, there are two refcount leak bugs: (1) when breaking out of for_each_endpoint_of_node(), we need call the of_node_put() for

  • CVE-2022-50036Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when computing packet sizes Currently, the packet overhead is subtracted using unsigned arithmetic. With a short sync pulse, this could underflow and wrap around to near the ma

  • CVE-2022-50033Jun 18, 2025
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-ppc-of: Fix refcount leak bug In ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore.

Page 15 of 84