VYPR

rpm package

suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.2

pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Vulnerabilities (1,678)

  • CVE-2025-68285Dec 16, 2025
    affected < 5.3.18-150300.238.1fixed 5.3.18-150300.238.1

    In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both

  • CVE-2025-40331Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address l

  • CVE-2023-53827Dec 9, 2025
    affected < 5.3.18-150300.238.1fixed 5.3.18-150300.238.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to preve

  • CVE-2022-50678Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address and causes invalid address access when printing the value of pi->reqs[i]->reqid.

  • CVE-2022-50671Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix "kernel NULL pointer dereference" error When rxe_queue_init in the function rxe_qp_init_req fails, both qp->req.task.func and qp->req.task.arg are not initialized. Because of creation of qp fails

  • CVE-2022-50668Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4_xattr_block_set() where we constantly keep finding xattr block for reuse in mbca

  • CVE-2023-53794Dec 9, 2025
    affected < 5.3.18-150300.238.1fixed 5.3.18-150300.238.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in s

  • CVE-2023-53781Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(). With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcp_write_timer_handler() by kernel TCP sockets. [0] If SMC creates a kernel so

  • CVE-2022-50649Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type() ADP5061_CHG_STATUS_1_CHG_STATUS is masked with 0x07, which means a length of 8, but adp5061_chg_type array size is 4, may end up reading

  • CVE-2022-50646Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsa_init_one() The hpda_alloc_ctlr_info() allocates h and its field reply_map. However, in hpsa_init_one(), if alloc_percpu() failed, the hpsa_init_one() jumps to clean1

  • CVE-2022-50644Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe pm_runtime_get_sync() will increment pm usage counter. Forgetting to putting operation will result in reference leak. Add missing pm_runtime_put_sy

  • CVE-2022-50641Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: HSI: omap_ssi: Fix refcount leak in ssi_probe When returning or breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node to possibly release the

  • CVE-2022-50640Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fix kernel panic when remove non-standard SDIO card SDIO tuple is only allocated for standard SDIO card, especially it causes memory corruption issues when the non-standard SDIO card has removed, whi

  • CVE-2022-50635Dec 9, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): # echo 'p cmdline_proc_show' > kprobe_events # echo 'p cmdline_proc_show+16'

  • CVE-2023-53761Dec 8, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check tha

  • CVE-2022-50630Dec 8, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlb_handle_userfault The vma_lock and hugetlb_fault_mutex are dropped before handling userfault and reacquire them again after handle_userfault(), but reacquire the vma_lock could le

  • CVE-2022-50623Dec 8, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size() to fix that.

  • CVE-2025-40280Dec 6, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_mon_reinit_self(). syzbot reported use-after-free of tipc_net(net)->monitors[] in tipc_mon_reinit_self(). [0] The array is protected by RTNL, but tipc_mon_reinit_self() iterate

  • CVE-2025-40277Dec 6, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds acc

  • CVE-2025-40256Dec 4, 2025
    affected < 5.3.18-150300.232.1fixed 5.3.18-150300.232.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added In commit b441cf3f8c4b ("xfrm: delete x->tunnel as we delete x"), I missed the case where state creation fails between f

Page 4 of 84