VYPR

rpm package

suse/kernel-source&distro=SUSE Manager Server LTS 4.3

pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%20LTS%204.3

Vulnerabilities (542)

  • CVE-2023-53349Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740_init_controls() There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 (size 16): comm "51-i2c-ov2740", pid

  • CVE-2023-53344Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write Syzkaller reported the following issue: ===================================================== BUG: KMSAN: uninit-value in aio_rw_done fs/aio.c:1520

  • CVE-2023-53337Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nilfs_segctor_do_construct() outputs a warning with some patterns after nilfs2 detec

  • CVE-2023-53335Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish() If get_ep_from_tid() fails to lookup non-NULL value for ep, ep is dereferenced later regardless of whether it is empty. This patch adds a simple sani

  • CVE-2022-50374Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure syzbot is reporting NULL pointer dereference at hci_uart_tty_close() [1], for rcu_sync_enter() is called without rcu_sync_init() due to hci_uart_

  • CVE-2022-50373Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). The queue_work() can take the final reference of a dlm_msg and so msg->idx can co

  • CVE-2022-50372Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 (size 448): comm "mount.cifs", pid 51391, jiffies 4295596373 (

  • CVE-2022-50370Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts Commit c7b79a752871 ("mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI IDs") caused a regression on certain Gigabyte motherboards for Intel

  • CVE-2022-50369Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkms_release() A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms->output.composer_workq in vkms_release(). KASAN: null-ptr-deref in range [0x00000000

  • CVE-2022-50368Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight br

  • CVE-2022-50367Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode(

  • CVE-2022-50364Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: mux: reg: check return value after calling platform_get_resource() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_

  • CVE-2022-50362Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Add multi-thread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 100 > /sys/module/dmatest/para

  • CVE-2022-50359Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in buffer_prepare() When the driver calls cx88_risc_buffer() to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in buff

  • CVE-2022-50358Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cause kernel panic when doin

  • CVE-2022-50355Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" i

  • CVE-2022-50353Sep 17, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel cr

  • CVE-2023-53334Sep 16, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: USB: chipidea: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call de

  • CVE-2023-53333Sep 16, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet says: nf_conntrack_dccp_packet() has an unique: dh = skb_header_pointer(skb, dataoff, sizeof(_dh), &_dh);

  • CVE-2023-53331Sep 16, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a ("pstore/ram: Do not treat empty buffers as valid"), initialization would assume a prz was valid after seeing that the buffer_size is

Page 16 of 28