VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1,481)

  • CVE-2024-35863HigMay 19, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35862HigMay 19, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2024-35849HigMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/

  • CVE-2023-52698MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass() If IPv6 support is disabled at boot (ipv6.disable=1), the calipso_init() -> netlbl_calipso_ops_register() function isn't called, and the netlbl_calipso_ops_

  • CVE-2023-52696HigMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2023-52693MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpi_get_parent() called in acpi_video_dev_register_backlight() fails, for example, because acpi_ut_acquire_mutex() fails inside acpi_

  • CVE-2023-52691HigMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. Howev

  • CVE-2023-52686MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2023-52683MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32

  • CVE-2023-52675MedMay 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2024-35837MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue

  • CVE-2024-35835MedMay 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and return an error. However, arfs_create_table, the only caller of arfs_create_group

  • CVE-2024-35830MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: media: tc358743: register v4l2 async device only after successful setup Ensure the device has been setup correctly before registering the v4l2 async device, thus allowing userspace to access.

  • CVE-2024-35828MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be

  • CVE-2024-35822MedMay 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104 p

  • CVE-2024-35819MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgr_lock smp_call_function always runs its callback in hard IRQ context, even on PREEMPT_RT, where spinlocks can sleep. So we need to use a raw spinlock for cgr_lock to ens

  • CVE-2024-35811MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following

  • CVE-2024-35809MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove() callback in the rtsx_pcr PCI driver leads to a kernel crash due to an unhandled

  • CVE-2024-35807MedMay 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned

  • CVE-2024-35806MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Always disable interrupts when taking cgr_lock smp_call_function_single disables IRQs when executing the callback. To prevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere. Thi

Page 28 of 75