suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,559)

• CVE-2022-49958Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: fix netdevice reference leaks in attach_default_qdiscs() In attach_default_qdiscs(), if a dev has multiple queues and queue 0 fails to attach qdisc because there is no memory in attach_one_default_qd

• CVE-2022-49957Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: kcm: fix strp_init() order and cleanup strp_init() is called just a few lines above this csk->sk_user_data check, it also initializes strp->work etc., therefore, it is unnecessary to call strp_done() to cancel

• CVE-2022-49956Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs _Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl() functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delet

• CVE-2022-49954Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag syzbot is reporting hung task at __input_unregister_device() [1], for iforce_close() waiting at wait_event_interruptible() with dev->mutex held is

• CVE-2022-49952Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on probe Add the missing sanity check on the probed-session count to avoid corrupting memory beyond the fixed-size slab-allocated session array when there are more than FAST

• CVE-2022-49951Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call to device_unregister() could result in the dev_release function freeing the fw_upload_pr

• CVE-2022-49950Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-

• CVE-2022-49949Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix memory leak in firmware upload In the case of firmware-upload, an instance of struct fw_upload is allocated in firmware_upload_register(). This data needs to be freed in fw_dev_release(). C

• CVE-2022-49948Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctl(KDFONTOP) the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new s

• CVE-2022-49946Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore fir

• CVE-2022-49945Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (gpio-fan) Fix array out of bounds access The driver does not check if the cooling state passed to gpio_fan_set_cur_state() exceeds the maximum cooling state as stored in fan_data->num_speeds. Since the

• CVE-2022-49944Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()" The recent commit 87d0e2f41b8c ("usb: typec: ucsi: add a common function ucsi_unregister_connectors()") introduced a regression that

• CVE-2022-49943Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udc_mutex A recent commit expanding the scope of the udc_lock mutex in the gadget core managed to cause an obscure and slightly bizarre lockdep violation. In abbr

• CVE-2022-49942Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected When we are not connected to a channel, sending channel "switch" announcement doesn't make any sense. The BSS list is empty in that case

• CVE-2022-49940Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() A null pointer dereference can happen when attempting to access the "gsm->receive()" function in gsmld_receive_buf(). Currently, the code assum

• CVE-2022-49938Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the request is sent, the checks would return -EIO when they should be rather setting rc

• CVE-2022-49937Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------[ cut here ]------------ usb 6-1: BOGUS control dir, pi

• CVE-2022-49936Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking det

• CVE-2022-49935Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dma_resv object we always assumed the the newer than all the existing fences. With Jason's work to add an UAPI to

• CVE-2022-49934Jun 18, 2025
  affected < 5.14.21-150500.13.100.1fixed 5.14.21-150500.13.100.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF is observed when the scan is completed and __ieee80211_scan_completed() executes,