suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.4

Vulnerabilities (2,793)

• CVE-2022-49960Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix null pointer dereference Asus chromebook CX550 crashes during boot on v5.17-rc1 kernel. The root cause is null pointer defeference of bi_next in tgl_get_bw_info() in drivers/gpu/drm/i915/display/i

• CVE-2022-49958Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: fix netdevice reference leaks in attach_default_qdiscs() In attach_default_qdiscs(), if a dev has multiple queues and queue 0 fails to attach qdisc because there is no memory in attach_one_default_qd

• CVE-2022-49957Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: kcm: fix strp_init() order and cleanup strp_init() is called just a few lines above this csk->sk_user_data check, it also initializes strp->work etc., therefore, it is unnecessary to call strp_done() to cancel

• CVE-2022-49956Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delet

• CVE-2022-49954Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag syzbot is reporting hung task at __input_unregister_device() [1], for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is

• CVE-2022-49952Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on probe Add the missing sanity check on the probed-session count to avoid corrupting memory beyond the fixed-size slab-allocated session array when there are more than FAST

• CVE-2022-49950Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-

• CVE-2022-49948Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new s

• CVE-2022-49946Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore fir

• CVE-2022-49945Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (gpio-fan) Fix array out of bounds access The driver does not check if the cooling state passed to gpio_fan_set_cur_state() exceeds the maximum cooling state as stored in fan_data->num_speeds. Since the

• CVE-2022-49943Jun 18, 2025
  affected < 5.14.21-150400.15.145.1fixed 5.14.21-150400.15.145.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udc_mutex A recent commit expanding the scope of the udc_lock mutex in the gadget core managed to cause an obscure and slightly bizarre lockdep violation. In abbr

• CVE-2022-49942Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel "switch" announcement doesn't make any sense. The BSS list is empty in that case

• CVE-2022-49940Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() A null pointer dereference can happen when attempting to access the "gsm->receive()" function in gsmld_receive_buf(). Currently, the code assum

• CVE-2022-49938Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the request is sent, the checks would return -EIO when they should be rather setting rc

• CVE-2022-49937Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------[ cut here ]------------ usb 6-1: BOGUS control dir, pi

• CVE-2022-49936Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking det

• CVE-2022-49934Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF is observed when the scan is completed and __ieee80211_scan_completed() executes,

• CVE-2025-38079HigJun 18, 2025
  affected < 5.14.21-150400.15.127.1fixed 5.14.21-150400.15.127.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

• CVE-2025-38068Jun 18, 2025
  affected < 5.14.21-150400.15.142.1fixed 5.14.21-150400.15.142.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space

• CVE-2025-38014Jun 18, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper The idxd_cleanup() helper cleans up perfmon, interrupts, internals and so on. Refactor remove call with the idxd_cleanup() helper to avoid code d