rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-49800 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak | ||
| CVE-2022-49799 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which | ||
| CVE-2022-49797 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() When trace_get_event_file() failed, gen_kretprobe_test will be assigned as the error code. If module kprobe_even | ||
| CVE-2022-49796 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() When test_gen_kprobe_cmd() failed after kprobe_event_gen_cmd_end(), it will goto delete, which will call kprobe_event | ||
| CVE-2022-49795 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is NULL, which could lead to a memleak, fix it. [Masami: Add "rethook:" tag to the | ||
| CVE-2022-49794 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(), | ||
| CVE-2022-49793 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in | ||
| CVE-2022-49792 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core. | ||
| CVE-2022-49790 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer | ||
| CVE-2022-49789 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case | ||
| CVE-2022-49788 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN | ||
| CVE-2022-49787 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count | ||
| CVE-2022-49786 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: properly pin the parent in blkcg_css_online blkcg_css_online is supposed to pin the blkcg of the parent, but 397c9f46ee4d refactored things and along the way, changed it to pin the css instead. Thi | ||
| CVE-2022-49784 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/uncore: Fix memory leak for events array When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak a | ||
| CVE-2022-49783 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Drop fpregs lock before inheriting FPU permissions Mike Galbraith reported the following against an old fork of preempt-rt but the same issue also applies to the current preempt-rt tree. BUG: sleep | ||
| CVE-2022-49781 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling amd_pmu_enable_all() does: if (!test_bit(idx, cpuc->active_mask)) continue; amd_pmu_enable_eve | ||
| CVE-2022-49779 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have po | ||
| CVE-2022-49777 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by | ||
| CVE-2022-49776 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior (which could lead to crashes in ipv6 stack if the link is bro | ||
| CVE-2022-49775 | — | < 5.14.21-150500.13.97.1 | 5.14.21-150500.13.97.1 | May 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG |
- CVE-2022-49800May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak
- CVE-2022-49799May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in register_synth_event() In register_synth_event(), if set_synth_event_print_fmt() failed, then both trace_remove_event_call() and unregister_trace_event() will be called, which
- CVE-2022-49797May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() When trace_get_event_file() failed, gen_kretprobe_test will be assigned as the error code. If module kprobe_even
- CVE-2022-49796May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() When test_gen_kprobe_cmd() failed after kprobe_event_gen_cmd_end(), it will goto delete, which will call kprobe_event
- CVE-2022-49795May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is NULL, which could lead to a memleak, fix it. [Masami: Add "rethook:" tag to the
- CVE-2022-49794May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() If iio_trigger_register() returns error, it should call iio_trigger_free() to give up the reference that hold in iio_trigger_alloc(),
- CVE-2022-49793May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() dev_set_name() allocates memory for name, it need be freed when device_add() fails, call put_device() to give up the reference that hold in
- CVE-2022-49792May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core.
- CVE-2022-49790May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: Input: iforce - invert valid length check when fetching device IDs syzbot is reporting uninitialized value at iforce_init_device() [1], for commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer
- CVE-2022-49789May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fix double free of FSF request when qdio send fails We used to use the wrong type of integer in 'zfcp_fsf_req_send()' to cache the FSF request ID when sending a new FSF request. This is used in case
- CVE-2022-49788May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN
- CVE-2022-49787May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count
- CVE-2022-49786May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: properly pin the parent in blkcg_css_online blkcg_css_online is supposed to pin the blkcg of the parent, but 397c9f46ee4d refactored things and along the way, changed it to pin the css instead. Thi
- CVE-2022-49784May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/uncore: Fix memory leak for events array When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak a
- CVE-2022-49783May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Drop fpregs lock before inheriting FPU permissions Mike Galbraith reported the following against an old fork of preempt-rt but the same issue also applies to the current preempt-rt tree. BUG: sleep
- CVE-2022-49781May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling amd_pmu_enable_all() does: if (!test_bit(idx, cpuc->active_mask)) continue; amd_pmu_enable_eve
- CVE-2022-49779May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe has post_handler but other child probes of the aggrprobe do not have po
- CVE-2022-49777May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so that the device can be properly destroyed by
- CVE-2022-49776May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior (which could lead to crashes in ipv6 stack if the link is bro
- CVE-2022-49775May 1, 2025affected < 5.14.21-150500.13.97.1fixed 5.14.21-150500.13.97.1
In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcp_cdg_release() to be called multiple times Apparently, mptcp is able to call tcp_disconnect() on an already disconnected flow. This is generally fine, unless current congestion control is CDG
Page 71 of 228