rpm package
suse/kernel-source&distro=SUSE Manager Server 4.3
pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3
Vulnerabilities (1,907)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49888 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler() function is called when handling debug exceptions (and synchronous exceptions from BRK instructions), and so is called when a | ||
| CVE-2022-49887 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called. | ||
| CVE-2022-49885 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc() to fail. The overflow happens in ghes_estatus_pool | ||
| CVE-2022-49881 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_now | ||
| CVE-2022-49880 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block re | ||
| CVE-2022-49879 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk() | ||
| CVE-2022-49874 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fix possible memory leak in mousevsc_probe() If hid_add_device() returns error, it should call hid_destroy_device() to free hid_dev which is allocated in hid_allocate_device(). | ||
| CVE-2022-49871 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napi_get_frags kmemleak reports after running test_progs: unreferenced object 0xffff8881b1672dc0 (size 232): comm "test_progs", pid 394388, jiffies 4354712116 (age 841.975s) h | ||
| CVE-2022-49870 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: s | ||
| CVE-2022-49869 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() During the error recovery sequence, the rtnl_lock is not held for the entire duration and some datastructures may be freed during the sequence. Check for the | ||
| CVE-2022-49868 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 soc_dev_attr fixed to register the soc as a device, kernel will experience an oops in soc_device_match_attr This quirk test was introduced in t | ||
| CVE-2022-49865 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a `struct ifaddrlblmsg` to the network, __ifal_reserved remained uninitialized, resulting in a 1-byte infoleak: BUG: KMS | ||
| CVE-2022-49864 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced. | ||
| CVE-2022-49863 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following: (a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket. (b) use syscal | ||
| CVE-2022-49861 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call. | ||
| CVE-2022-49860 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to give up reference, the name allocated in dev_set_name() can be freed in callback | ||
| CVE-2022-49858 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitte | ||
| CVE-2022-49853 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add km | ||
| CVE-2022-49850 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks() A semaphore deadlock can occur if nilfs_get_block() detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time: | ||
| CVE-2022-49846 | — | < 5.14.21-150400.24.167.1 | 5.14.21-150400.24.167.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ====================================================== |
- CVE-2022-49888May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler() function is called when handling debug exceptions (and synchronous exceptions from BRK instructions), and so is called when a
- CVE-2022-49887May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called.
- CVE-2022-49885May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() Change num_ghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc() to fail. The overflow happens in ghes_estatus_pool
- CVE-2022-49881May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in query_regdb_file() In the function query_regdb_file() the alpha2 parameter is duplicated using kmemdup() and subsequently freed in regdb_fw_cb(). However, request_firmware_now
- CVE-2022-49880May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block re
- CVE-2022-49879May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk()
- CVE-2022-49874May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fix possible memory leak in mousevsc_probe() If hid_add_device() returns error, it should call hid_destroy_device() to free hid_dev which is allocated in hid_allocate_device().
- CVE-2022-49871May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napi_get_frags kmemleak reports after running test_progs: unreferenced object 0xffff8881b1672dc0 (size 232): comm "test_progs", pid 394388, jiffies 4354712116 (age 841.975s) h
- CVE-2022-49870May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: s
- CVE-2022-49869May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() During the error recovery sequence, the rtnl_lock is not held for the entire duration and some datastructures may be freed during the sequence. Check for the
- CVE-2022-49868May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 soc_dev_attr fixed to register the soc as a device, kernel will experience an oops in soc_device_match_attr This quirk test was introduced in t
- CVE-2022-49865May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a `struct ifaddrlblmsg` to the network, __ifal_reserved remained uninitialized, resulting in a 1-byte infoleak: BUG: KMS
- CVE-2022-49864May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced.
- CVE-2022-49863May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following: (a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket. (b) use syscal
- CVE-2022-49861May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call.
- CVE-2022-49860May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to give up reference, the name allocated in dev_set_name() can be freed in callback
- CVE-2022-49858May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitte
- CVE-2022-49853May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add km
- CVE-2022-49850May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks() A semaphore deadlock can occur if nilfs_get_block() detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time:
- CVE-2022-49846May 1, 2025affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ======================================================
Page 14 of 96