rpm package
suse/kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Vulnerabilities (2,318)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49494 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resou | |
| CVE-2022-49493 | Hig | 7.8 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_tim | |
| CVE-2022-49492 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which | |
| CVE-2022-49491 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_resource() | |
| CVE-2022-49490 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't | |
| CVE-2022-49489 | Hig | 7.8 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init | |
| CVE-2022-49488 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in | |
| CVE-2022-49487 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() tha | |
| CVE-2022-49486 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak. | |
| CVE-2022-49485 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix null pointer dereference of pointer perfmon In the unlikely event that pointer perfmon is null the WARN_ON return path occurs after the pointer has already been deferenced. Fix this by only derefer | |
| CVE-2022-49484 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector Fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector routine if the chip does not support dbdc and the hw reports b | |
| CVE-2022-49483 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: avoid clearing hw interrupts if hw_intr is null during drm uninit If edp modeset init is failed due to panel being not ready and probe defers during drm bind, avoid clearing irqs and derefere | |
| CVE-2022-49482 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. | |
| CVE-2022-49481 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore. | |
| CVE-2022-49480 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device() to release it. when devm_kzalloc() fails, it doesn't have a put_device(), it will cause r | |
| CVE-2022-49479 | Hig | 7.8 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mt76: fix tx status related use-after-free race on station removal There is a small race window where ongoing tx activity can lead to a skb getting added to the status tracking idr after that idr has already be | |
| CVE-2022-49478 | Hig | 7.8 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then | |
| CVE-2022-49477 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it do | |
| CVE-2022-49476 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash at mt7921_pci_remove The crash log shown it is possible that mt7921_irq_handler is called while devm_free_irq is being handled so mt76_free_device need to be postponed until devm_ | |
| CVE-2022-49475 | Med | 5.5 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. |
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resou
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and delete the &rt5645->btn_check_tim
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_resource()
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpu_vbif_init
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: intel: fix possible null-ptr-deref in ebu_nand_probe() It will cause null-ptr-deref when using 'res', if platform_get_resource() returns NULL, so move using 'res' after devm_ioremap_resource() tha
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak.
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix null pointer dereference of pointer perfmon In the unlikely event that pointer perfmon is null the WARN_ON return path occurs after the pointer has already been deferenced. Fix this by only derefer
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector Fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector routine if the chip does not support dbdc and the hw reports b
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: avoid clearing hw interrupts if hw_intr is null during drm uninit If edp modeset init is failed due to panel being not ready and probe defers during drm bind, avoid clearing irqs and derefere
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done.
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore.
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device() to release it. when devm_kzalloc() fails, it doesn't have a put_device(), it will cause r
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: mt76: fix tx status related use-after-free race on station removal There is a small race window where ongoing tx activity can lead to a skb getting added to the status tracking idr after that idr has already be
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it do
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash at mt7921_pci_remove The crash log shown it is possible that mt7921_irq_handler is called while devm_free_irq is being handled so mt76_free_device need to be postponed until devm_
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value.
Page 85 of 116