VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1,481)

  • CVE-2024-35805MedMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix this by adding "cond_resched" to the loop that frees the exceptions.

  • CVE-2023-52669HigMay 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual

  • CVE-2023-52664HigMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aq_ring_free could be called multiple times on same ring, if system is under stress and g

  • CVE-2024-35791HigMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock to fix use-after-free issues where regi

  • CVE-2024-35789HigMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c

  • CVE-2024-27436MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.

  • CVE-2024-27419MedMay 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.

  • CVE-2024-27410MedMay 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an

  • CVE-2024-27401HigMay 14, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length,

  • CVE-2024-27399MedMay 14, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be

  • CVE-2024-27398HigMay 14, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection

  • CVE-2024-27396HigMay 14, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU gr

  • CVE-2023-52655MedMay 14, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T

  • CVE-2021-34981MedMay 7, 2024
    affected < 4.12.14-16.80.1fixed 4.12.14-16.80.1

    Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target s

  • CVE-2022-48704MedMay 3, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b

  • CVE-2022-48695HigMay 3, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c

  • CVE-2022-48702HigMay 3, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a

  • CVE-2022-48701HigMay 3, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun

  • CVE-2022-48697MedMay 3, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607

  • CVE-2022-48688MedMay 3, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b

Page 29 of 75