59854 matches found
SUSE CVE-2022-50854
In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...
SUSE CVE-2022-50855
In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...
SUSE CVE-2022-50856
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifssesaddchannel Before return, should free the xid, otherwise, the xid will be leaked...
SUSE CVE-2022-50857
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevice to give up the reference in the error path, so that the name can be...
SUSE CVE-2022-50858
In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
SUSE CVE-2022-50859
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
SUSE CVE-2022-50860
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in allocns After changes in commit a1bd627b46d1 "apparmor: share profile name on replacement", the hname member of struct aapolicy is not valid slab object, but a subset of that, it can not be freed by...
SUSE CVE-2022-50861
In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...
SUSE CVE-2022-50862
In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decltag from being referenced in funcproto Syzkaller was able to hit the following issue: ------------ cut here ------------ WARNING: CPU: 0 PID: 3609 at kernel/bpf/btf.c:1946 btftypeidsize+0x2d5/0x9d0...
SUSE CVE-2022-50863
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: free unused skb to prevent memory leak This avoid potential memory leak under power saving mode...
SUSE CVE-2022-50864
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field slogblocksize of superblock data is corrupted and too large, initnilfs and loadnilfs still can trigger a shift-out-of-bounds warning followed by a...
SUSE CVE-2022-50865
In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog The type of skrcvbuf and sksndbuf in struct sock is int, and in tcpaddbacklog, the variable limit is caculated by adding skrcvbuf, sksndbuf and 64 1024, it may exceed the ma...
SUSE CVE-2022-50866
In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter kasprintf would return NULL pointer when kmalloc fail to allocate. Need to check the return pointer before calling strcmp...
SUSE CVE-2022-50867
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs statekcalloc usage adrenoshowobject is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree. Which means the data passed to it...
SUSE CVE-2022-50868
In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...
SUSE CVE-2022-50869
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in rpage When PAGESIZE is 64K, if readlogpage is called by logreadrst for the first time, the size of buffer would be equal to DefaultLogPageSize4K.But for buffer operations like memcpy, if the...
SUSE CVE-2022-50870
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ...
SUSE CVE-2022-50871
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...
SUSE CVE-2022-50872
In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtimecounterinit The "sysclk" resource is malloced by clkget, it is not released when the function return...
SUSE CVE-2022-50873
In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference of pointer as the argument of kfree, which is the wrong pointer and then may hit crash like this:...
SUSE CVE-2022-50874
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
SUSE CVE-2022-50875
In the Linux kernel, the following vulnerability has been resolved: of: overlay: fix null pointer dereferencing in finddupcsetnodeentry and finddupcsetprop When kmalloc fail to allocate memory in kasprintf, fn1 or fn2 will be NULL, and strcmp will cause null pointer dereference...
SUSE CVE-2022-50876
In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musbgadget.c rxstate overflow bug The usb function device call musbgadgetqueue adds the passed request to musbep::reqlist,If the request-length musbep-packetsz and isbuffermappedreq return false,the rxstate will co...
SUSE CVE-2022-50877
In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908enet: update TX stats after actual transmission Queueing packets doesn't guarantee their transmission. Update TX stats after hardware confirms consuming submitted data. This also fixes a possible race and NU...
SUSE CVE-2022-50878
In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...
SUSE CVE-2022-50879
In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT findinsn will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference...
SUSE CVE-2022-50880
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
SUSE CVE-2022-50881
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath9k that occurs in ath9khifusbdisconnect when ath9kdestroywmi is trying to access 'drvpriv' that has already been freed by...
SUSE CVE-2022-50882
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvcgpioparse Previously the unit buffer was allocated before checking the IRQ for privacy GPIO. In case of error, the unit buffer was leaked. Allocate the unit buffer after the IRQ to avoid it...
SUSE CVE-2022-50883
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decltag from being referenced in funcproto arg Syzkaller managed to hit another decltag issue: btffuncprotocheck kernel/bpf/btf.c:4506 inline btfcheckalltypes kernel/bpf/btf.c:4734 inline btfparsetypesec+0x1175/0x198...
SUSE CVE-2022-50884
In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield to attempt copying a NULL pointer There are some struct drmdriver fields that are required by drivers since drmcopyfield attempts to copy them to user-space via DRMIOCTLVERSION. But it can be possible th...
SUSE CVE-2022-50885
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...
SUSE CVE-2022-50886
In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...
SUSE CVE-2022-50887
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulatordevlookup I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, ofnodeget/ofnodeput unbalanced - destroy cset entry: attach overlay...
SUSE CVE-2022-50888
In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5wcssinitmmio q6v5wcssinitmmio will call platformgetresourcebyname that may fail and return NULL. devmioremap will use res-start as input, which may causes null-ptr-deref...
SUSE CVE-2022-50889
In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dmintegritydtr Dmintegrity also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in dmintegritydtr...
SUSE CVE-2023-54162
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2lock argv needs to be free when setupasyncwork fails or when the current process is woken up...
SUSE CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
SUSE CVE-2023-54165
In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zsmapobject to zsmalloc Under memory pressure, we sometimes observe the following crash: 5694.832838 ------------ cut here ------------ 5694.842093 listdel corruption, ffff888014b6a448-next is...
SUSE CVE-2023-54166
In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndotxtimeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...
SUSE CVE-2023-54167
In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...
SUSE CVE-2023-54168
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in setusersqsize The ucmd-logsqbbcount variable is controlled by the user so this shift can wrap. Fix it by using checkshloverflow in the same way that it was done in commit 515f60004ed9 "RDMA/hn...
SUSE CVE-2023-54169
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5eptpopen When kvzallocnode or kvzalloc failed in mlx5eptpopen, the memory pointed by "c" or "cparams" is not freed, which can lead to a memory leak. Fix by freeing the array in the error path...
SUSE CVE-2023-54170
In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's assocarray When making a DNS query inside the kernel using dnsquery, the request code can in rare cases end up creating a duplicate index key in the assocarray of the destination...
SUSE CVE-2023-54171
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak of iter-temp when reading tracepipe kmemleak reports: unreferenced object 0xffff88814d14e200 size 256: comm "cat", pid 336, jiffies 4294871818 age 779.490s hex dump first 32 bytes: 04 00 01 03 00 00 00 00...
SUSE CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
SUSE CVE-2023-54173
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpfeventoutput We received report 1 of kernel crash, which is caused by using nesting protection without disabled preemption. The bpfeventoutput can be called by programs executed by bpfprogrunarraycg...
SUSE CVE-2023-54174
In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group-iommufd group-iommufd is not initialized for the iommufdctxput 20018.331541 BUG: kernel NULL pointer dereference, address: 0000000000000000 20018.377508 RIP:...
SUSE CVE-2023-54175
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fix runtime PM leak on error path The xiicxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currently one error path wher...
SUSE CVE-2023-54176
In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...