VYPR

rpm package

suse/kernel-source&distro=SUSE Manager Server 4.3

pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3

Vulnerabilities (1,907)

  • CVE-2022-49809May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. Otherw

  • CVE-2022-49807May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a memory leak in nvmet_auth_set_key When changing dhchap secrets we need to release the old secrets as well. kmemleak complaint: -- unreferenced object 0xffff8c7f44ed8180 (size 64): comm "check",

  • CVE-2022-49802May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). If

  • CVE-2022-49801May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in tracing_read_pipe() kmemleak reports this issue: unreferenced object 0xffff888105a18900 (size 128): comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s) hex dump (f

  • CVE-2022-49800May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak

  • CVE-2022-49799May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which

  • CVE-2022-49797May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() When trace_get_event_file() failed, gen_kretprobe_test will be assigned as the error code. If module kprobe_even

  • CVE-2022-49796May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() When test_gen_kprobe_cmd() failed after kprobe_event_gen_cmd_end(), it will goto delete, which will call kprobe_event

  • CVE-2022-49794May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(),

  • CVE-2022-49793May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in

  • CVE-2022-49792May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core.

  • CVE-2022-49790May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer

  • CVE-2022-49789May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case

  • CVE-2022-49788May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN

  • CVE-2022-49787May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count

  • CVE-2022-49783May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Drop fpregs lock before inheriting FPU permissions Mike Galbraith reported the following against an old fork of preempt-rt but the same issue also applies to the current preempt-rt tree. BUG: sleep

  • CVE-2022-49779May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have po

  • CVE-2022-49777May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by

  • CVE-2022-49776May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior (which could lead to crashes in ipv6 stack if the link is bro

  • CVE-2022-49775May 1, 2025
    affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG

Page 16 of 96