rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49880 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block re | ||
| CVE-2022-49879 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk() | ||
| CVE-2022-49874 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fix possible memory leak in mousevsc_probe() If hid_add_device() returns error, it should call hid_destroy_device() to free hid_dev which is allocated in hid_allocate_device(). | ||
| CVE-2022-49871 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napi_get_frags kmemleak reports after running test_progs: unreferenced object 0xffff8881b1672dc0 (size 232): comm "test_progs", pid 394388, jiffies 4354712116 (age 841.975s) h | ||
| CVE-2022-49870 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: s | ||
| CVE-2022-49869 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() During the error recovery sequence, the rtnl_lock is not held for the entire duration and some datastructures may be freed during the sequence. Check for the | ||
| CVE-2022-49868 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 soc_dev_attr fixed to register the soc as a device, kernel will experience an oops in soc_device_match_attr This quirk test was introduced in t | ||
| CVE-2022-49865 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a `struct ifaddrlblmsg` to the network, __ifal_reserved remained uninitialized, resulting in a 1-byte infoleak: BUG: KMS | ||
| CVE-2022-49864 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced. | ||
| CVE-2022-49863 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following: (a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket. (b) use syscal | ||
| CVE-2022-49861 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call. | ||
| CVE-2022-49860 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to give up reference, the name allocated in dev_set_name() can be freed in callback | ||
| CVE-2022-49858 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitte | ||
| CVE-2022-49853 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add km | ||
| CVE-2022-49850 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks() A semaphore deadlock can occur if nilfs_get_block() detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time: | ||
| CVE-2022-49846 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ====================================================== | ||
| CVE-2022-49845 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled ele | ||
| CVE-2022-49842 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in snd_soc_exit() KASAN reports a use-after-free: BUG: KASAN: use-after-free in device_del+0xb5b/0xc60 Read of size 8 at addr ffff888008655050 by task rmmod/387 CPU: 2 PID: 387 C | ||
| CVE-2022-49841 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: serial: imx: Add missing .thaw_noirq hook The following warning is seen with non-console UART instance when system hibernates. [ 37.371969] ------------[ cut here ]------------ [ 37.376599] uart3_root_clk | ||
| CVE-2022-49839 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_transport_sas: Fix error handling in sas_phy_add() If transport_add_device() fails in sas_phy_add(), the kernel will crash trying to delete the device in transport_remove_device() called from sas_rem |
- CVE-2022-49880May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows: EXT4-fs (loop0): Free/Dirty block details EXT4-fs (loop0): free_blocks=0 EXT4-fs (loop0): dirty_blocks=0 EXT4-fs (loop0): Block re
- CVE-2022-49879May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG_ON() when directory entry has invalid rec_len The rec_len field in the directory entry has to be a multiple of 4. A corrupted filesystem image can be used to hit a BUG() in ext4_rec_len_to_disk()
- CVE-2022-49874May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fix possible memory leak in mousevsc_probe() If hid_add_device() returns error, it should call hid_destroy_device() to free hid_dev which is allocated in hid_allocate_device().
- CVE-2022-49871May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napi_get_frags kmemleak reports after running test_progs: unreferenced object 0xffff8881b1672dc0 (size 232): comm "test_progs", pid 394388, jiffies 4354712116 (age 841.975s) h
- CVE-2022-49870May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: s
- CVE-2022-49869May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() During the error recovery sequence, the rtnl_lock is not held for the entire duration and some datastructures may be freed during the sequence. Check for the
- CVE-2022-49868May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 soc_dev_attr fixed to register the soc as a device, kernel will experience an oops in soc_device_match_attr This quirk test was introduced in t
- CVE-2022-49865May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a `struct ifaddrlblmsg` to the network, __ifal_reserved remained uninitialized, resulting in a 1-byte infoleak: BUG: KMS
- CVE-2022-49864May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p is NULL but dereferenced.
- CVE-2022-49863May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following: (a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket. (b) use syscal
- CVE-2022-49861May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call.
- CVE-2022-49860May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If device_register() fails, it should call put_device() to give up reference, the name allocated in dev_set_name() can be freed in callback
- CVE-2022-49858May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitte
- CVE-2022-49853May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fix memory leaks of macvlan_common_newlink kmemleak reports memory leaks in macvlan_common_newlink, as follows: ip link add link eth0 name .. type macvlan mode source macaddr add km
- CVE-2022-49850May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks() A semaphore deadlock can occur if nilfs_get_block() detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time:
- CVE-2022-49846May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ======================================================
- CVE-2022-49845May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled ele
- CVE-2022-49842May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in snd_soc_exit() KASAN reports a use-after-free: BUG: KASAN: use-after-free in device_del+0xb5b/0xc60 Read of size 8 at addr ffff888008655050 by task rmmod/387 CPU: 2 PID: 387 C
- CVE-2022-49841May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: serial: imx: Add missing .thaw_noirq hook The following warning is seen with non-console UART instance when system hibernates. [ 37.371969] ------------[ cut here ]------------ [ 37.376599] uart3_root_clk
- CVE-2022-49839May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_transport_sas: Fix error handling in sas_phy_add() If transport_add_device() fails in sas_phy_add(), the kernel will crash trying to delete the device in transport_remove_device() called from sas_rem
Page 69 of 228