VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_67&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_67&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (245)

  • CVE-2022-49610Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL value is written, and the vmenter. Balanced returns (matched by a preceding call) a

  • CVE-2022-49607Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() Yang Jihing reported a race between perf_event_set_output() and perf_mmap_close(): CPU1 CPU2 perf_mmap_close(e2) if (ato

  • CVE-2022-49605Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code (via commit 146740f9abc4, "igc: Add support for PF") contained the following IGC_REMOVED checks in

  • CVE-2022-49589Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctl_igmp_qrv. While reading sysctl_igmp_qrv, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. This test can be packed into a helper, so such chang

  • CVE-2022-49584Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to ha

  • CVE-2022-49581Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in be_get_module_eeprom be_cmd_read_port_transceiver_data assumes that it is given a buffer that is at least PAGE_DATA_LEN long, or twice that if the module supports SFF 8472. Howeve

  • CVE-2022-49578Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctl_ip_prot_sock. sysctl_ip_prot_sock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/stor

  • CVE-2022-49566Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix memory leak in RSA When an RSA key represented in form 2 (as defined in PKCS #1 V2.1) is used, some components of the private key persist even after the TFM is released. Replace the explicit c

  • CVE-2022-49564Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatt

  • CVE-2022-49563Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scat

  • CVE-2022-49555Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggere

  • CVE-2022-49546Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 (size 4096): comm "kexec", pid 14950, jiffies 4295110793 (age 373.951s) hex dum

  • CVE-2022-49545Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is bei

  • CVE-2022-49544Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ipw2x00: Fix potential NULL dereference in libipw_xmit() crypt and crypt->ops could be null, so we need to checking null before dereference

  • CVE-2022-49538Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access input_dev under mutex It is possible when using ASoC that input_dev is unregistered while calling snd_jack_report, which causes NULL pointer dereference. In order to prevent this serialize ac

  • CVE-2022-49532Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes drm_cvt_mode may return NULL and we should check it. This bug is found by syzkaller: FAULT_INJECTION stacktrace: [ 168.567394] FAULT_INJE

  • CVE-2022-49530Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix double free in si_parse_power_table() In function si_parse_power_table(), array adev->pm.dpm.ps and its member is allocated. If the allocation of each member fails, the array itself is freed and

  • CVE-2022-49526Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: md/bitmap: don't set sb values if can't pass sanity check If bitmap area contains invalid data, kernel will crash then mdadm triggers "Segmentation fault". This is cluster-md speical bug. In non-clustered env,

  • CVE-2022-49524Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885_initdev() When the driver fails to call the dma_set_mask(), the driver will get the following splat: [ 55.853884] BUG: KASAN: use-after-free in __proces

  • CVE-2022-49519Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ath10k: skip ath10k_halt during suspend for driver state RESTARTING Double free crash is observed when FW recovery(caused by wmi timeout/crash) is followed by immediate suspend event. The FW recovery is trigger

Page 6 of 13