VYPR

rpm package

suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.2

pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Vulnerabilities (1,678)

  • CVE-2022-49153Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenced object 0xffff8881191fc040 (size 232): comm "kworker/u17:0", pid 23193, jiffies 4295238848 (age 3464.870s)

  • CVE-2022-49151Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: properly check endpoint type Syzbot reported warning in usb_submit_urb() which is caused by wrong endpoint type. We should check that in endpoint is actually present to prevent this warning. Fou

  • CVE-2022-49145Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field in the _CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may n

  • CVE-2022-49139Feb 26, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt This event is just specified for SCO and eSCO link types. On the reception of a HCI_Synchronous_Connection_Complete for a BDADDR of an existing LE con

  • CVE-2022-49137Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj This issue takes place in an error path in amdgpu_cs_fence_to_handle_ioctl(). When `info->in.what` falls into default case, the function simply ret

  • CVE-2022-49122Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to u

  • CVE-2022-49114Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. When the reference count reaches zero, it is freed. But ep is still used in the following code,

  • CVE-2022-49111Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without first checking if conn->type is in fact AMP

  • CVE-2022-49110Feb 26, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 ("netfilter: conntrack: collect all entries in one cycle") conntrack gc was changed to run every 2 minutes. On systems where conntrack hash

  • CVE-2022-49100Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an init

  • CVE-2022-49098Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as modul

  • CVE-2022-49095Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add th

  • CVE-2022-49091Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: drm/imx: Fix memory leak in imx_pd_connector_get_modes Avoid leaking the display mode variable if of_get_drm_display_mode fails. Addresses-Coverity-ID: 1443943 ("Resource leak")

  • CVE-2022-49085Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in get_initial_state In get_initial_state, it calls notify_initial_state_done(skb,..) if cb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(), the skb will b

  • CVE-2022-49083Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix regression in probe for NULL pointer dereference Commit 3f6634d997db ("iommu: Use right way to retrieve iommu_ops") started triggering a NULL pointer dereference for some omap variants: __iommu

  • CVE-2022-49082Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees the port field of the sas_expander structure, leadin

  • CVE-2022-49080Feb 26, 2025
    affected < 5.3.18-150300.202.1fixed 5.3.18-150300.202.1

    In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized

  • CVE-2022-49078Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corn

  • CVE-2022-49076Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may represent the last reference held on the task mm. hfi1_mmu_rb_unregister() then drops the l

  • CVE-2022-49073Feb 26, 2025
    affected < 5.3.18-150300.205.1fixed 5.3.18-150300.205.1

    In the Linux kernel, the following vulnerability has been resolved: ata: sata_dwc_460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATA_TAG_INTERNAL to 32, the value of the SATA_DWC_QCMD_MAX need

Page 32 of 84