VYPR

rpm package

suse/kernel-source&distro=SUSE Manager Server 4.3

pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3

Vulnerabilities (1,907)

  • CVE-2022-50108Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: mfd: max77620: Fix refcount leak in max77620_initialise_fps of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_

  • CVE-2022-50104Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refc

  • CVE-2022-50103Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed With cgroup v2, the cpuset's cpus_allowed mask can be empty indicating that the cpuset will just use the effective CPUs of its parent. So cpu

  • CVE-2022-50102Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug i

  • CVE-2022-50101Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the v

  • CVE-2022-50100Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline.

  • CVE-2022-50099Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value o

  • CVE-2022-50098Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen

  • CVE-2022-50097Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of

  • CVE-2022-50095Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b ("posix-cpu-timers: Store a reference to a pid not a task") started looking up tasks by PID when deleting a CPU timer. W

  • CVE-2022-50094Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions trace_spmi_write_begin() and trace_spmi_read_end() both call memcpy() with a length of "len + 1". This leads to one extra byte being read be

  • CVE-2022-50093Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/a

  • CVE-2022-50092Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size

  • CVE-2022-50087Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it

  • CVE-2022-50085Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs

  • CVE-2022-50084Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/sto

  • CVE-2022-50079Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check correct bounds for stream encoder instances for DCN303 [Why & How] eng_id for DCN303 cannot be more than 1, since we have only two instances of stream encoders. Check the correct boundar

  • CVE-2022-50077Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix reference count leak in aa_pivotroot() The aa_pivotroot() function has a reference counting bug in a specific path. When aa_replace_current_label() returns on success, the function forgets to decr

  • CVE-2022-50076Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 (size 64): comm "xfs_io", pid 1284, jiffies 4294777434 (age 20.789s) hex

  • CVE-2022-50074Jun 18, 2025
    affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aa_simple_write_to_buffer() When copy_from_user failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfree(data) caus

Page 5 of 96