VYPR

rpm package

suse/kernel-source&distro=SUSE Manager Server LTS 4.3

pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%20LTS%204.3

Vulnerabilities (542)

  • CVE-2022-50485Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode. However, if iget the boot loader inode, allows a bad in

  • CVE-2022-50484Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, whe

  • CVE-2022-50482Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there w

  • CVE-2022-50480Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe() The break of for_each_available_child_of_node() needs a corresponding of_node_put() when the reference 'child' is not used anymore. Here we do not n

  • CVE-2022-50478Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount time". The first patch fixes a bug reported by syzbot, and the second on

  • CVE-2022-50475Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs n

  • CVE-2022-50472Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ib_query_pkey() in atomic context. WARNING:

  • CVE-2022-50471Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized (PV) Xen domains: * User process sets up a gntdev mapping

  • CVE-2022-50470Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If xHC host is dying or

  • CVE-2025-39945Oct 4, 2025
    affected < 5.14.21-150400.24.184.1fixed 5.14.21-150400.24.184.1

    In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task The original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(), which does not guarantee that the delayed work item 'delete_task' has fully completed i

  • CVE-2023-53526MedOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh->b_transaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2_journal_commit_transaction __jbd2_journal_insert_checkpoint(jh, commit_transaction) /

  • CVE-2023-53525MedOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Allow UD qp_type to join multicast only As for multicast: - The SIDR is the only mode that makes sense; - Besides PS_UDP, other port spaces like PS_IB is also allowed, as it is UD compatible. In thi

  • CVE-2023-53524HigOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf An integer overflow occurs in the iwl_write_to_user_buf() function, which is called by the iwl_dbgfs_monitor_data_read() function. static bool

  • CVE-2023-53521HigOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() A fix for: BUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses] Read of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013 When edev->com

  • CVE-2023-53519MedOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with function: v4l2_m2m_num_s

  • CVE-2023-53515HigOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devr

  • CVE-2023-53513MedOct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbd_ioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35

  • CVE-2023-53530Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete localhost kernel: BUG: using

  • CVE-2023-53518Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

  • CVE-2023-53512Oct 1, 2025
    affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree().

Page 9 of 28