VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.1

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Vulnerabilities (1,237)

  • CVE-2022-49839May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_transport_sas: Fix error handling in sas_phy_add() If transport_add_device() fails in sas_phy_add(), the kernel will crash trying to delete the device in transport_remove_device() called from sas_rem

  • CVE-2022-49836May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: siox: fix possible memory leak in siox_device_add() If device_register() returns error in siox_device_add(), the name allocated by dev_set_name() need be freed. As comment of device_register() says, it should u

  • CVE-2022-49835May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'add_widget_node' As 'kobject_add' may allocated memory for 'kobject->name' when return error. And in this function, if call 'kobject_add' failed didn't free kobject. So call

  • CVE-2022-49832May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map Here is the BUG report by KASAN about null pointer dereference: BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50 Read of size 1 at addr 00

  • CVE-2022-49830May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: drm/drv: Fix potential memory leak in drm_dev_init() drm_dev_init() will add drm_dev_init_release() as a callback. When drmm_add_action() failed, the release function won't be added. As the result, the ref cnt

  • CVE-2022-49827May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() drm_vblank_init() call drmm_add_action_or_reset() with drm_vblank_init_release() as action. If __drmm_add_action() failed, will directly call drm

  • CVE-2022-49826May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix double ata_host_put() in ata_tport_add() In the error path in ata_tport_add(), when calling put_device(), ata_tport_release() is called, it will put the refcount of 'ap->host'. And t

  • CVE-2022-49825May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tport_add() In ata_tport_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while removing the module, becau

  • CVE-2022-49824May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tlink_add() In ata_tlink_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while removing the module, becau

  • CVE-2022-49823May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tdev_add() In ata_tdev_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while removing the module, because

  • CVE-2022-49821May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_dsp_element_register() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, use put_dev

  • CVE-2022-49818May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: mISDN: fix misuse of put_device() in mISDN_register_device() We should not release reference by put_device() before calling device_initialize().

  • CVE-2022-49809May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix skb leak in x25_lapb_receive_frame() x25_lapb_receive_frame() using skb_copy() to get a private copy of skb, the new skb should be freed in the undersized/fragmented skb error handling path. Otherw

  • CVE-2022-49802May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftrace_add_mod() The @ftrace_mod is allocated by kzalloc(), so both the members {prev,next} of @ftrace_mode->list are NULL, it's not a valid state to call list_del(). If

  • CVE-2022-49799May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which

  • CVE-2022-49794May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(),

  • CVE-2022-49793May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in

  • CVE-2022-49790May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer

  • CVE-2022-49789May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case

  • CVE-2022-49788May 1, 2025
    affected < 5.3.18-150300.211.1fixed 5.3.18-150300.211.1

    In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN

Page 12 of 62