VYPR

rpm package

suse/kgraft-patch-SLE12-SP5_Update_67&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_67&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (245)

  • CVE-2022-49516Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ice: always check VF VSI pointer values The ice_get_vf_vsi function can return NULL in some cases, such as if handling messages during a reset where the VSI is being removed and recreated. Several places throu

  • CVE-2022-49513Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Use kobject release() method to free dbs_data The struct dbs_data embeds a struct gov_attr_set and the struct gov_attr_set embeds a kobject. Since every kobject must have a release() method a

  • CVE-2022-49505Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: NFC: NULL out the dev->rfkill to prevent UAF Commit 3e3b5dfcd16a ("NFC: reorder the logic in nfc_{un,}register_device") assumes the device_is_registered() in function nfc_dev_up() will help to check when the rf

  • CVE-2022-49497Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG() from skb_checksum_help() I have a syzbot report that managed to get a crash in skb_checksum_help() If syzbot can trigger these BUG(), it makes sense to replace them with more friendly WAR

  • CVE-2022-49495Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. Patchwork: https://pat

  • CVE-2022-49492Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags In nvme_alloc_admin_tags, the admin_q can be set to an error (typically -ENOMEM) if the blk_mq_init_queue call fails to set up the queue, which

  • CVE-2022-49488Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return -EDEADLK when acquiring the modeset lock, but currently global_state in

  • CVE-2022-49472Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driver_data Currently, if the .probe element is present in the phy_driver structure and the .driver_data is not, a NULL pointer dereference happens. Allow passing .prob

  • CVE-2022-49444Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: module: fix [e_shstrndx].sh_size=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if (info->secstrings[strhdr->sh_size - 1] != '\0') { BUG: unable to handle page fault for add

  • CVE-2022-49443Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep->rdllist ep_poll() first calls ep_events_available() with no lock held and checks if ep->rdllist is empty by list_empty_careful(), which reads rdllist->prev. Thus all accesses t

  • CVE-2022-49437Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid ref

  • CVE-2022-49434Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() The sysfs sriov_numvfs_store() path acquires the device lock before the config space access lock: sriov_numvfs_store device_lock

  • CVE-2022-49433Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdma_map_lock is initialized, the call to hfi1_free_devdata() will attempt to use a lock that has no

  • CVE-2022-49432Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount incremented, use of_node_put() on it when done.

  • CVE-2022-49429Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1_CAP_SDMA off, a call to hfi1_write_iter() will dereference a NULL pointer and panic. A typical stack frame is: sdma_selec

  • CVE-2022-49421Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node

  • CVE-2022-49416Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free in chanctx code In ieee80211_vif_use_reserved_context(), when we have an old context and the new context's replace_state is set to IEEE80211_CHANCTX_REPLACE_NONE, we free the

  • CVE-2022-49414Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4_write and ext4_convert_inline_data Hulk Robot reported a BUG_ON: ================================================================== EXT4-fs error (device loop3): ext4_mb_

  • CVE-2022-49413Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup (or in case of writeback just starts submitting bios associated with a different cgroup) bfq_merge_bio() can

  • CVE-2022-49409Feb 26, 2025
    affected < 1-8.5.1fixed 1-8.5.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search Hulk Robot reported a BUG_ON: ================================================================== kernel BUG at fs/ext4/extents_status.c:199! [...] RIP: 0010:ext4_es_end fs/e

Page 7 of 13