rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (1,468)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49481 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore. | ||
| CVE-2022-49478 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then | ||
| CVE-2022-49475 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. | ||
| CVE-2022-49474 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created | ||
| CVE-2022-49473 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_pu | ||
| CVE-2022-49467 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo needs to be put when msm_gem_get_and_pin_iova fails. | ||
| CVE-2022-49465 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s | ||
| CVE-2022-49462 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to | ||
| CVE-2022-49460 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 | ||
| CVE-2022-49459 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing. | ||
| CVE-2022-49455 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree() | ||
| CVE-2022-49451 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is curre | ||
| CVE-2022-49446 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_r | ||
| CVE-2022-49442 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_node. But we forgot to remove it in unregister_node. Thus compaction sysfs file is | ||
| CVE-2022-49441 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk() under tty_port->lock pty_write() invokes kmalloc() which may invoke a normal printk() to print failure message. This can cause a deadlock in the scenario reported b | ||
| CVE-2022-49438 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(), which returns a node pointer with refcount incremented, we should use of_node_put() on it when do | ||
| CVE-2022-49437 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid ref | ||
| CVE-2022-49422 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxd_cdev_register() If a call to alloc_chrdev_region() fails, the already allocated resources are leaking. Add the needed error handling path to fix the leak. | ||
| CVE-2022-49421 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node | ||
| CVE-2022-49416 | — | < 5.3.18-150300.59.201.1 | 5.3.18-150300.59.201.1 | Feb 26, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the new context's replace_state is set to IEEE80211_CHANCTX_REPLACE_NONE, we free the |
- CVE-2022-49481Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt of_node_get() returns a node with refcount incremented. Calling of_node_put() to drop the reference when not needed anymore.
- CVE-2022-49478Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then
- CVE-2022-49475Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value.
- CVE-2022-49474Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout Connecting the same socket twice consecutively in sco_sock_connect() could lead to a race condition where two sco_conn objects are created
- CVE-2022-49473Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_pu
- CVE-2022-49467Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo needs to be put when msm_gem_get_and_pin_iova fails.
- CVE-2022-49465Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when bio has been throttled 1.In current process, all bio will set the BIO_THROTTLED flag after __blk_throtl_bio(). 2.If bio needs to be throttled, it will start the timer and s
- CVE-2022-49462Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to
- CVE-2022-49460Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2
- CVE-2022-49459Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe platform_get_resource() may return NULL, add proper check to avoid potential NULL dereferencing.
- CVE-2022-49455Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxl_file_register_afu info_release() will be called in device_unregister() when info->dev's reference count is 0. So there is no need to call ocxl_afu_put() and kfree()
- CVE-2022-49451Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is curre
- CVE-2022-49446Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, device_prepare(), operations, and device_shutdown() operations for 'nd_r
- CVE-2022-49442Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fix compaction sysfs file leak Compaction sysfs file is created via compaction_register_node in register_node. But we forgot to remove it in unregister_node. Thus compaction sysfs file is
- CVE-2022-49441Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk() under tty_port->lock pty_write() invokes kmalloc() which may invoke a normal printk() to print failure message. This can cause a deadlock in the scenario reported b
- CVE-2022-49438Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(), which returns a node pointer with refcount incremented, we should use of_node_put() on it when do
- CVE-2022-49437Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid ref
- CVE-2022-49422Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxd_cdev_register() If a call to alloc_chrdev_region() fails, the already allocated resources are leaking. Add the needed error handling path to fix the leak.
- CVE-2022-49421Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node
- CVE-2022-49416Feb 26, 2025affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the new context's replace_state is set to IEEE80211_CHANCTX_REPLACE_NONE, we free the
Page 21 of 74