VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (1,794)

  • CVE-2022-50098Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen

  • CVE-2022-50097Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of

  • CVE-2022-50094Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions trace_spmi_write_begin() and trace_spmi_read_end() both call memcpy() with a length of "len + 1". This leads to one extra byte being read be

  • CVE-2022-50093Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/a

  • CVE-2022-50092Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size

  • CVE-2022-50091Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch

  • CVE-2022-50087Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it

  • CVE-2022-50085Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs

  • CVE-2022-50084Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/sto

  • CVE-2022-50080Jun 18, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in register_shm_helper() With special lengths supplied by user space, register_shm_helper() has an integer overflow when calculating the number of pages covered by a supplied user space

  • CVE-2022-50073Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tap_get_user calls virtio_net_hdr_to_skb the skb->dev is nu

  • CVE-2022-50067Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t

  • CVE-2022-50066Jun 18, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range

  • CVE-2022-50065Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new

  • CVE-2022-50055Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration

  • CVE-2022-50045Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fix get_phb_number() locking The recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP warning on some systems: BUG: sleeping function called from invalid context at kernel/locking/mutex

  • CVE-2022-50033Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-ppc-of: Fix refcount leak bug In ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore.

  • CVE-2022-50030Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, l

  • CVE-2022-50027Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfc_sli4_issue_wqe fails to issue the CMF WQE in lpfc_issue_cmf_sync_wqe. If ret_val is non-zero, t

  • CVE-2022-50025Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: cxl: Fix a memory leak in an error handling path A bitmap_zalloc() must be balanced by a corresponding bitmap_free() in the error handling path of afu_allocate_irqs().

Page 39 of 90