rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (1,878)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-50104	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refc
CVE-2022-50103	—	< 4.12.14-122.269.1	4.12.14-122.269.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed With cgroup v2, the cpuset's cpus_allowed mask can be empty indicating that the cpuset will just use the effective CPUs of its parent. So cpu
CVE-2022-50102	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug i
CVE-2022-50101	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the v
CVE-2022-50099	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value o
CVE-2022-50098	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen
CVE-2022-50097	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of
CVE-2022-50094	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions trace_spmi_write_begin() and trace_spmi_read_end() both call memcpy() with a length of "len + 1". This leads to one extra byte being read be
CVE-2022-50093	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/a
CVE-2022-50092	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size
CVE-2022-50091	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch
CVE-2022-50087	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it
CVE-2022-50085	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs
CVE-2022-50084	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/sto
CVE-2022-50080	—	< 4.12.14-122.272.1	4.12.14-122.272.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in register_shm_helper() With special lengths supplied by user space, register_shm_helper() has an integer overflow when calculating the number of pages covered by a supplied user space
CVE-2022-50067	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t
CVE-2022-50066	—	< 4.12.14-122.272.1	4.12.14-122.272.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range
CVE-2022-50065	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new
CVE-2022-50055	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration
CVE-2022-50045	—	< 4.12.14-122.266.1	4.12.14-122.266.1	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fix get_phb_number() locking The recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP warning on some systems: BUG: sleeping function called from invalid context at kernel/locking/mutex

CVE-2022-50104Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refc
CVE-2022-50103Jun 18, 2025
affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed With cgroup v2, the cpuset's cpus_allowed mask can be empty indicating that the cpuset will just use the effective CPUs of its parent. So cpu
CVE-2022-50102Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug i
CVE-2022-50101Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memset_io() In the function vt8623fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the v
CVE-2022-50099Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memset_io() In the function arkfb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value o
CVE-2022-50098Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts Ensure SRB is returned during I/O timeout error escalation. If that is not possible fail the escalation path. Following crash stack was seen
CVE-2022-50097Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of
CVE-2022-50094Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions trace_spmi_write_begin() and trace_spmi_read_end() both call memcpy() with a length of "len + 1". This leads to one extra byte being read be
CVE-2022-50093Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) KASAN reports: [ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/a
CVE-2022-50092Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size
CVE-2022-50091Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: locking/csd_lock: Change csdlock_debug from early_param to __setup The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch
CVE-2022-50087Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it
CVE-2022-50085Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_resume There is a KASAN warning in raid_resume when running the lvm test lvconvert-raid.sh. The reason for the warning is that mddev->raid_disks is greater than rs
CVE-2022-50084Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix address sanitizer warning in raid_status There is this warning when using a kernel with the address sanitizer and running this testsuite: https://gitlab.com/cki-project/kernel-tests/-/tree/main/sto
CVE-2022-50080Jun 18, 2025
affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in register_shm_helper() With special lengths supplied by user space, register_shm_helper() has an integer overflow when calculating the number of pages covered by a supplied user space
CVE-2022-50067Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t
CVE-2022-50066Jun 18, 2025
affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range
CVE-2022-50065Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix memory leak inside XPD_TX with mergeable When we call xdp_convert_buff_to_frame() to get xdpf, if it returns NULL, we should check if xdp_page was allocated by xdp_linearize_page(). If it is new
CVE-2022-50055Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration
CVE-2022-50045Jun 18, 2025
affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fix get_phb_number() locking The recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP warning on some systems: BUG: sleeping function called from invalid context at kernel/locking/mutex

Page 43 of 94