VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1,481)

  • CVE-2023-52646MedApr 26, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: aio: fix mremap after fork null-deref Commit e4a0d3e720e7 ("aio: Make it possible to remap aio ring") introduced a null-deref if mremap is called on an old aio mapping after fork as mm->ioctx_table will be set

  • CVE-2024-26924MedApr 25, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... ad

  • CVE-2024-26923MedApr 25, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM

  • CVE-2024-26922MedApr 23, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.

  • CVE-2024-26921MedApr 18, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call retu

  • CVE-2024-26920MedApr 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fix to return error if failed to alloc snapshot Fix register_snapshot_trigger() to return error code if it failed to allocate a snapshot instead of 0 (success). Unless that, it will register sn

  • CVE-2024-26915MedApr 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well.

  • CVE-2024-26907HigApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------[ cut here ]------------ memcpy: detected field-spanning write (size 56) of single field "eseg->inline_hdr.start" at /var/lib/dkms

  • CVE-2024-26903MedApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no

  • CVE-2024-26901MedApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. [1] "BUG: KMSAN: kernel-i

  • CVE-2024-26900MedApr 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 (size 49152): comm "m

  • CVE-2024-26898HigApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel.

  • CVE-2024-26894MedApr 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896

  • CVE-2024-26884HigApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. Ho

  • CVE-2024-26883HigApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0.

  • CVE-2024-26880MedApr 17, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend There is this reported crash when experimenting with the lvm2 testsuite. The list corruption is caused by the fact that the postsuspend and resume methods were not

  • CVE-2024-26878MedApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode)

  • CVE-2024-26876MedApr 17, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511_probe(). If an IRQ already is pending during adv7511_probe (before adv7511_cec_init) then cec_received_msg_ts co

  • CVE-2024-26874MedApr 17, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip It's possible that mtk_crtc->event is NULL in mtk_drm_crtc_finish_page_flip(). pending_needs_vblank value is set by mtk_crtc->event, but

  • CVE-2024-26863MedApr 17, 2024
    affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1

    In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0

Page 32 of 75