rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (1,481)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26636 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Lik | |
| CVE-2024-26635 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b | |
| CVE-2024-26633 | Med | 5.5 | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea | |
| CVE-2023-52619 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will becom | |
| CVE-2023-52615 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This triggers when the user reads from /dev/hwrng into memory also mmap-ed from /dev/hwrng. The resu | |
| CVE-2023-52614 | Hig | 7.8 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exc | |
| CVE-2023-52612 | Hig | 7.8 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Mar 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem. | |
| CVE-2021-47131 | Hig | 7.8 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tls_device_down is called to stop the offload and tear down the TLS context. However, the socke | |
| CVE-2021-47119 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be freed by kill_bdev, and sub | |
| CVE-2021-47118 | Hig | 7.8 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens | |
| CVE-2021-47117 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117 | |
| CVE-2021-47114 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with | |
| CVE-2021-47113 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: abort in rename_exchange if we fail to insert the second ref Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a rename_exchange. This happens because | |
| CVE-2021-47112 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features (Async PF, PV EOI, steal time) work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all | |
| CVE-2021-47110 | Hig | 7.1 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corrup | |
| CVE-2023-28746 | Med | 6.5 | < 4.12.14-16.173.1 | 4.12.14-16.173.1 | Mar 14, 2024 | Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2024-26615 | Med | 5.5 | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | Mar 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1 | |
| CVE-2024-26614 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: | |
| CVE-2023-52488 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d | |
| CVE-2023-52486 | Med | 5.5 | < 4.12.14-16.182.1 | 4.12.14-16.182.1 | Mar 11, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from |
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Lik
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b
- affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will becom
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This triggers when the user reads from /dev/hwrng into memory also mmap-ed from /dev/hwrng. The resu
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exc
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem.
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tls_device_down is called to stop the offload and tear down the TLS context. However, the socke
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be freed by kill_bdev, and sub
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: abort in rename_exchange if we fail to insert the second ref Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a rename_exchange. This happens because
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features (Async PF, PV EOI, steal time) work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corrup
- affected < 4.12.14-16.173.1fixed 4.12.14-16.173.1
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU:
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d
- affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1
In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from
Page 38 of 75