VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Vulnerabilities (1,350)

  • CVE-2022-49402Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash direct_functions on register failures We see the following GPF when register_ftrace_direct fails: [ ] general protection fault, probably for non-canonical address \ 0x200000000000010: 0

  • CVE-2022-49399Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Use tty_port_destroy() to destroy port In goldfish_tty_probe(), the port initialized through tty_port_init() should be destroyed in error paths.In goldfish_tty_remove(), qtty->port also should be

  • CVE-2022-49398Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback The list_for_each_entry_safe() macro saves the current item (n) and the item after (n+1), so that n can be safely removed without corrupti

  • CVE-2022-49397Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error (e.g. probe deferral).

  • CVE-2022-49396Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). Note that due to the reset controller being defined

  • CVE-2022-49394Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatenc

  • CVE-2022-49389Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stub_probe() usb_get_dev() is called in stub_device_alloc(). When stub_probe() fails after that, usb_put_dev() needs to be called to release the reference. Fix this by moving

  • CVE-2022-49385Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driver_attach failed When driver_attach(drv); failed, the driver_private will be freed. But it has been added to the bus, which caused a UAF. To fix it, we need to delete it from the

  • CVE-2022-49382Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: soc: rockchip: Fix refcount leak in rockchip_grf_init of_find_matching_node_and_match returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to

  • CVE-2022-49376Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sd_probe() sees an early error before sdkp->device is initialized, sd_zbc_release_disk() is called. This causes a NULL pointer dereference when sd_is_zoned()

  • CVE-2022-49375Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

  • CVE-2022-49373Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in some e

  • CVE-2022-49371Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedule_dev(__device_attach_asy

  • CVE-2022-49370Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add() If this function returns an error,

  • CVE-2022-49357Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occ

  • CVE-2022-49352Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4_handle_inode_extension We got issue as follows: EXT4-fs error (device loop0) in ext4_reserve_inode_write:5741: Out of memory EXT4-fs error (device loop0): ext4_setattr:5462: inode #13:

  • CVE-2022-49349Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4_rename_dir_prepare We got issue as follows: EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue ext4_get_first_dir_block: bh->b_data=0xffff88810bee6000 l

  • CVE-2022-49347Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in ext4_writepages we got issue as follows: EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 25 vs 31513 free cls ------------[ c

  • CVE-2022-49343Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid cycles in directory h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. That can easily lead to the kernel corrupting tree nodes that were already v

  • CVE-2022-49335Feb 26, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESA_LOADER_DRIVER_OVERRIDE=v3d glxinfo [

Page 17 of 68