suse/kernel-source&distro=SUSE Manager Server 4.3

Vulnerabilities (1,907)

• CVE-2022-49957Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: kcm: fix strp_init() order and cleanup strp_init() is called just a few lines above this csk->sk_user_data check, it also initializes strp->work etc., therefore, it is unnecessary to call strp_done() to cancel

• CVE-2022-49956Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delet

• CVE-2022-49954Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag syzbot is reporting hung task at __input_unregister_device() [1], for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is

• CVE-2022-49952Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on probe Add the missing sanity check on the probed-session count to avoid corrupting memory beyond the fixed-size slab-allocated session array when there are more than FAST

• CVE-2022-49950Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-

• CVE-2022-49948Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new s

• CVE-2022-49946Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore fir

• CVE-2022-49945Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (gpio-fan) Fix array out of bounds access The driver does not check if the cooling state passed to gpio_fan_set_cur_state() exceeds the maximum cooling state as stored in fan_data->num_speeds. Since the

• CVE-2022-49942Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel "switch" announcement doesn't make any sense. The BSS list is empty in that case

• CVE-2022-49940Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() A null pointer dereference can happen when attempting to access the "gsm->receive()" function in gsmld_receive_buf(). Currently, the code assum

• CVE-2022-49938Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the request is sent, the checks would return -EIO when they should be rather setting rc

• CVE-2022-49937Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------[ cut here ]------------ usb 6-1: BOGUS control dir, pi

• CVE-2022-49936Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking det

• CVE-2022-49934Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF is observed when the scan is completed and __ieee80211_scan_completed() executes,

• CVE-2025-38014Jun 18, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper The idxd_cleanup() helper cleans up perfmon, interrupts, internals and so on. Refactor remove call with the idxd_cleanup() helper to avoid code d

• CVE-2025-38001Jun 6, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch (141d34391abbb315d68556b7c67ad97885407547) [1] can be bypassed,

• CVE-2025-38000Jun 6, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and

• CVE-2025-37997May 29, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahash_bucket_start(), ahash_bucket_end() which gave back the start and

• CVE-2025-37963May 20, 2025
  affected < 5.14.21-150400.24.167.1fixed 5.14.21-150400.24.167.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In

• CVE-2025-37953May 20, 2025
  affected < 5.14.21-150400.24.170.1fixed 5.14.21-150400.24.170.1

  In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case it introduced some regres