VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,878)

  • CVE-2022-49120Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001_send_abort_all() In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.

  • CVE-2022-49119Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() In pm8001_chip_fw_flash_update_build(), if pm8001_chip_fw_flash_update_build() fails, the struct fw_control_ex allocated must be freed.

  • CVE-2022-49118Feb 26, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in free_irq(), and this will c

  • CVE-2022-49114Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. When the reference count reaches zero, it is freed. But ep is still used in the following code,

  • CVE-2022-49111Feb 26, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without first checking if conn->type is in fact AMP

  • CVE-2022-49109Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode reference leakage in ceph_get_snapdir() The ceph_get_inode() will search for or insert a new inode into the hash for the given vino, and return a reference to it. If new is non-NULL, its referen

  • CVE-2022-49107Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_readdir when note_last_dentry returns error Reset the last_readdir at the same time, and add a comment explaining why we don't free last_readdir when dir_emit returns false.

  • CVE-2022-49100Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an init

  • CVE-2022-49098Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as modul

  • CVE-2022-49095Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freed in the remove function. In some cases, a ioremap() must be undone. Add th

  • CVE-2022-49089Feb 26, 2025
    affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1

    In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition The documentation of the function rvt_error_qp says both r_lock and s_lock need to be held when calling that function. It also asserts us

  • CVE-2022-49086Feb 26, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to

  • CVE-2022-49085Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in get_initial_state In get_initial_state, it calls notify_initial_state_done(skb,..) if cb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(), the skb will b

  • CVE-2022-49084Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qede_build_skb() assumes build_skb() always works and goes straight to skb_reserve(). However, build_skb() can fail under memory pressure. This results in a kernel pa

  • CVE-2022-49080Feb 26, 2025
    affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1

    In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix mpol_new leak in shared_policy_replace If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized

  • CVE-2022-49076Feb 26, 2025
    affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 cleanup code may represent the last reference held on the task mm. hfi1_mmu_rb_unregister() then drops the l

  • CVE-2022-49075Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve overflow the qgroup limit We use extent_changeset->bytes_changed in qgroup_reserve_data() to record how many bytes we set for EXTENT_QGROUP_RESERVED state. Currently the bytes_changed

  • CVE-2022-49074Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix GICR_CTLR.RWP polling It turns out that our polling of RWP is totally wrong when checking for it in the redistributors, as we test the *distributor* bit index, whereas it is a different bit

  • CVE-2022-49066Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth device with act_mirred, skb_headlen() may be 0. But veth_xmit() calls __dev_forward_skb(), which expects at least ET

  • CVE-2022-49065Feb 26, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be

Page 70 of 94