VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Vulnerabilities (1,483)

  • CVE-2022-49825May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tport_add() In ata_tport_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while removing the module, becau

  • CVE-2022-49824May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tlink_add() In ata_tlink_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while removing the module, becau

  • CVE-2022-49823May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tdev_add() In ata_tdev_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while removing the module, because

  • CVE-2022-49821May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_dsp_element_register() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, use put_dev

  • CVE-2022-49818May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: mISDN: fix misuse of put_device() in mISDN_register_device() We should not release reference by put_device() before calling device_initialize().

  • CVE-2022-49809May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. Otherw

  • CVE-2022-49802May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). If

  • CVE-2022-49799May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which

  • CVE-2022-49794May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(),

  • CVE-2022-49793May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in

  • CVE-2022-49790May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer

  • CVE-2022-49789May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case

  • CVE-2022-49788May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN

  • CVE-2022-49787May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count

  • CVE-2022-49777May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by

  • CVE-2022-49775May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG

  • CVE-2022-49772May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() snd_usbmidi_output_open() has a check of the NULL port with snd_BUG_ON(). snd_BUG_ON() was used as this shouldn't have happened, but in reality

  • CVE-2022-49771May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if list_versions races with module loading __list_versions will first estimate the required space using the "dm_target_iterate(list_version_get_needed, &needed)" call and then will fil

  • CVE-2022-49770May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'first_realm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and

  • CVE-2022-49769May 1, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sb_bsize_shift after reading superblock Fuzzers like to scribble over sb_bsize_shift but in reality it's very unlikely that this field would be corrupted on its own. Nevertheless it should be checke

Page 15 of 75