rpm package
suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,678)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49446 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_r | ||
| CVE-2022-49442 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_node. But we forgot to remove it in unregister_node. Thus compaction sysfs file is | ||
| CVE-2022-49441 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk() under tty_port->lock pty_write() invokes kmalloc() which may invoke a normal printk() to print failure message. This can cause a deadlock in the scenario reported b | ||
| CVE-2022-49438 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(), which returns a node pointer with refcount incremented, we should use of_node_put() on it when do | ||
| CVE-2022-49437 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid ref | ||
| CVE-2022-49422 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxd_cdev_register() If a call to alloc_chrdev_region() fails, the already allocated resources are leaking. Add the needed error handling path to fix the leak. | ||
| CVE-2022-49421 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node | ||
| CVE-2022-49416 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the new context's replace_state is set to IEEE80211_CHANCTX_REPLACE_NONE, we free the | ||
| CVE-2022-49414 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4_write and ext4_convert_inline_data Hulk Robot reported a BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_ | ||
| CVE-2022-49413 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can | ||
| CVE-2022-49411 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfq_group into | ||
| CVE-2022-49410 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable ref_field, which is allocated in the previous function call to create_hi | ||
| CVE-2022-49409 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/e | ||
| CVE-2022-49404 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done | ||
| CVE-2022-49402 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0 | ||
| CVE-2022-49399 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be | ||
| CVE-2022-49398 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current item (n) and the item after (n+1), so that n can be safely removed without corrupti | ||
| CVE-2022-49397 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. probe deferral). | ||
| CVE-2022-49396 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). Note that due to the reset controller being defined | ||
| CVE-2022-49394 | — | < 5.3.18-150300.205.1 | 5.3.18-150300.205.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatenc |
- CVE-2022-49446Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_r
- CVE-2022-49442Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_node. But we forgot to remove it in unregister_node. Thus compaction sysfs file is
- CVE-2022-49441Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk() under tty_port->lock pty_write() invokes kmalloc() which may invoke a normal printk() to print failure message. This can cause a deadlock in the scenario reported b
- CVE-2022-49438Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(), which returns a node pointer with refcount incremented, we should use of_node_put() on it when do
- CVE-2022-49437Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid ref
- CVE-2022-49422Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxd_cdev_register() If a call to alloc_chrdev_region() fails, the already allocated resources are leaking. Add the needed error handling path to fix the leak.
- CVE-2022-49421Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node
- CVE-2022-49416Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the new context's replace_state is set to IEEE80211_CHANCTX_REPLACE_NONE, we free the
- CVE-2022-49414Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4_write and ext4_convert_inline_data Hulk Robot reported a BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_
- CVE-2022-49413Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can
- CVE-2022-49411Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfq_group into
- CVE-2022-49410Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to initialize the fields of variable ref_field, which is allocated in the previous function call to create_hi
- CVE-2022-49409Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/e
- CVE-2022-49404Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done
- CVE-2022-49402Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0
- CVE-2022-49399Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be
- CVE-2022-49398Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current item (n) and the item after (n+1), so that n can be safely removed without corrupti
- CVE-2022-49397Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. probe deferral).
- CVE-2022-49396Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). Note that due to the reset controller being defined
- CVE-2022-49394Feb 26, 2025affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1
In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatenc
Page 27 of 84