VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1,481)

  • CVE-2021-47258MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsi_host_alloc() After device is initialized via device_initialize(), or its name is set via dev_set_name(), the device has to be freed via put_device(). Otherwise device nam

  • CVE-2021-47257MedMay 21, 2024
    affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1

    In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type.

  • CVE-2021-47254HigMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in gfs2_glock_shrink_scan The GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() to remove the glock from the lru list in __gfs2_glock_put(). On the shrink scan pat

  • CVE-2021-47252MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid WARN_ON timing related checks The soft/batadv interface for a queued OGM can be changed during the time the OGM was queued for transmission and when the OGM is actually transmitted by the work

  • CVE-2021-47250MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) h

  • CVE-2021-47249MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rds_recvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rds_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, int m

  • CVE-2021-47248MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but u

  • CVE-2021-47246MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix page reclaim for dead peer hairpin When adding a hairpin flow, a firmware-side send queue is created for the peer net device, which claims some host memory pages for its internal ring buffer. If

  • CVE-2021-47245HigMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP option parser in synproxy (synproxy_parse_options) could read one byte out of bounds. When the length is 1, the execution flow gets into t

  • CVE-2021-47239HigMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind") fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, whi

  • CVE-2021-47238MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in ip_mc_add1_src BUG: memory leak unreferenced object 0xffff888101bc4c00 (size 32): comm "syz-executor527", pid 360, jiffies 4294807421 (age 19.329s) hex dump (first 32 bytes):

  • CVE-2021-47237MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and

  • CVE-2021-47236MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it

  • CVE-2021-47235HigMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev *dev) { ... struct ec_bhf_priv *priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net

  • CVE-2021-47231MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: fix memory leak in mcba_usb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usb_coherent. In mcba_usb_start() 20 coherent buffers

  • CVE-2021-47229MedMay 21, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not yet completed (which is indicated by value 1 in PIO

  • CVE-2024-36004MedMay 20, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being trigg

  • CVE-2024-35998MedMay 20, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: smb3: fix lock ordering potential deadlock in cifs_sync_mid_result Coverity spotted that the cifs_sync_mid_result function could deadlock "Thread deadlock (ORDER_REVERSAL) lock_order: Calling spin_lock acquire

  • CVE-2024-35997MedMay 20, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking

  • CVE-2024-35995MedMay 20, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was unc

Page 25 of 75