SUSE CVE-2022-49259

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjec...

SUSE CVE-2022-49312

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix a potential memory leak in r871xudrvinit In r871xudrvinit, if r8712initdrvsw fails, then the memory allocated by r8712allocioqueue in r8712usbdvobjinit is not properly released as there is no action will be...

SUSE CVE-2022-49377

In the Linux kernel, the following vulnerability has been resolved: blk-mq: don't touch -tagset in blkmqgetsqhctx blkmqrunhwqueues could be run when there isn't queued request and after queue is cleaned up, at that time tagset is freed, because tagset lifetime is covered by driver, and often free...

SUSE CVE-2022-49412

In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge and set bic-stablemergebfqq and the moment bfqsetupmerge is called. This...

SUSE CVE-2022-49492

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvmeallocadmintags In nvmeallocadmintags, the adminq can be set to an error typically -ENOMEM if the blkmqinitqueue call fails to set up the queue, which is checked immediately after th...

SUSE CVE-2022-49555

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...

SUSE CVE-2022-49592

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTLRXQDMAMAP1. If CONFIGUBSAN is enabled, kernel dumps below warning...

SUSE CVE-2022-49646

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for broadcast packets, using the BE queue. Allowing non-BE queue marking violates that assumption and...

SUSE CVE-2022-49649

In the Linux kernel, the following vulnerability has been resolved: xen/netback: avoid entering xenvifrxnextskb with an empty rx queue xenvifrxnextskb is expecting the rx queue not being empty, but in case the loop in xenvifrxaction is doing multiple iterations, the availability of another skb in...

SUSE CVE-2022-49701

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Allocate/free queue resource only during probe/remove Currently, the sub-queues and event pool resources are allocated/freed for every CRQ connection event such as reset and LPM. This exposes the driver to a couple...

CVE-2025-21770 iommu: Fix potential memory leak in iopf_queue_remove_device()

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopfqueueremovedevice The iopfqueueremovedevice helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an...

CVE-2024-54458 scsi: ufs: bsg: Set bsg_queue to NULL after removal

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsgqueue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsgqueue to NULL after removing it to prevent potential use-after-free UAF access...

DEBIAN-CVE-2025-21723

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...

UBUNTU-CVE-2025-21723

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...

CVE-2024-58019 nvkm/gsp: correctly advance the read pointer of GSP message queue

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...

CVE-2024-58019 nvkm/gsp: correctly advance the read pointer of GSP message queue

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...

CVE-2024-58019

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...

CVE-2024-58018 nvkm: correctly calculate the available space of the GSP cmdq buffer

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

CVE-2024-58018

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...