rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (1,481)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-40978 | Hig | 7.1 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash. To fix this issue, use a smal | |
| CVE-2024-40967 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock. In case of the timeout, there is not much we can do, so we s | |
| CVE-2024-40966 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: add the option to have a tty reject a new ldisc ... and use it to limit the virtual terminals to just N_TTY. They are kind of special, and in particular, the "con_write()" routine violates the "writes can | |
| CVE-2024-40959 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() ip6_dst_idev() can return NULL, xfrm6_get_saddr() must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonica | |
| CVE-2024-40953 | Med | 4.7 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() Use {READ,WRITE}_ONCE() to access kvm->last_boosted_vcpu to ensure the loads and stores are atomic. In the extremely unlikely scenario the compil | |
| CVE-2024-40943 | Med | 4.7 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2_dio_wr_get_block", fstests/generic/300 become from always failed to sometimes failed: =================== | |
| CVE-2024-40942 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets de | |
| CVE-2024-40941 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove t | |
| CVE-2024-40937 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags | |
| CVE-2024-40932 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. Fix it. | |
| CVE-2024-40929 | Hig | 7.1 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this case will cuase an out-of | |
| CVE-2024-40923 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base, the subsequent call to vmxnet3_rq_destroy_all_rxdataring does not reset rq->data | |
| CVE-2024-40912 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_unicast_ps_buf() which is called from soft | |
| CVE-2024-40904 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resu | |
| CVE-2024-40901 | Hig | 7.8 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_bit() on a single word. The test_bit() and set_bit() functions operate on long val | |
| CVE-2024-39509 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement() alre | |
| CVE-2024-39507 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause k | |
| CVE-2024-39506 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to a NULL value, but then it is unconditionally passed to skb_add_rx_frag() which lo | |
| CVE-2024-39499 | Hig | 7.1 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity spotted that event_msg is controlled by user-space, event_msg->event_data.event is passed to event_deliver() and used as an index | |
| CVE-2024-39494 | Hig | 7.8 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren |
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash. To fix this issue, use a smal
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock. In case of the timeout, there is not much we can do, so we s
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: tty: add the option to have a tty reject a new ldisc ... and use it to limit the virtual terminals to just N_TTY. They are kind of special, and in particular, the "con_write()" routine violates the "writes can
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() ip6_dst_idev() can return NULL, xfrm6_get_saddr() must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonica
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() Use {READ,WRITE}_ONCE() to access kvm->last_boosted_vcpu to ensure the loads and stores are atomic. In the extremely unlikely scenario the compil
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2_dio_wr_get_block", fstests/generic/300 become from always failed to sometimes failed: ===================
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets de
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a notification that claims it has more data than it has, we will read past that was allocated for the notification. Remove t
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. Fix it.
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this case will cuase an out-of
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3_rq_create() fails to allocate memory for rq->data_ring.base, the subsequent call to vmxnet3_rq_destroy_all_rxdataring does not reset rq->data
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock to synchronizes with ieee80211_tx_h_unicast_ps_buf() which is called from soft
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resu
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_bit() on a single word. The test_bit() and set_bit() functions operate on long val
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement() alre
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause k
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to a NULL value, but then it is unconditionally passed to skb_add_rx_frag() which lo
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity spotted that event_msg is controlled by user-space, event_msg->event_data.event is passed to event_deliver() and used as an index
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren
Page 11 of 75