VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (1,481)

  • CVE-2023-52528MedMar 2, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg syzbot reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in sms

  • CVE-2023-52527MedMar 2, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Including the transhdrlen in length is a problem when the packet is partially filled (e.g. something like send(MSG_MORE) happened previously) wh

  • CVE-2023-52524HigMar 2, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered.

  • CVE-2023-52515HigMar 2, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call s

  • CVE-2023-52509HigMar 2, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravb_tx_timeout_work() The ravb_stop() should call cancel_work_sync(). Otherwise, ravb_tx_timeout_work() is possible to use the freed priv after ravb_remove() was called like b

  • CVE-2023-52507HigMar 2, 2024
    affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1

    In the Linux kernel, the following vulnerability has been resolved: nfc: nci: assert requested protocol is valid The protocol is used in a bit mask to determine if the protocol is supported. Assert the provided protocol is less than the maximum defined so it doesn't potentially

  • CVE-2023-52502MedMar 2, 2024
    affected < 4.12.14-16.173.1fixed 4.12.14-16.173.1

    In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s

  • CVE-2022-48627MedMar 2, 2024
    affected < 4.12.14-16.173.1fixed 4.12.14-16.173.1

    In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m

  • CVE-2021-47078MedMar 1, 2024
    affected < 4.12.14-16.173.1fixed 4.12.14-16.173.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Clear all QP fields if creation failed rxe_qp_do_cleanup() relies on valid pointer values in QP for the properly created ones, but in case rxe_qp_from_init() failed it was filled with garbage and caus

  • CVE-2021-47077MedMar 1, 2024
    affected < 4.12.14-16.173.1fixed 4.12.14-16.173.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedf_update_link_speed() The following trace was observed: [ 14.042059] Call Trace: [ 14.042061] [ 14.042068] qedf_link_update+0x144/0x1f0 [qedf] [ 14.0421

  • CVE-2021-47076MedMar 1, 2024
    affected < 4.12.14-16.173.1fixed 4.12.14-16.173.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitl

  • CVE-2021-47074MedMar 1, 2024
    affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvme_loop_create_ctrl() When creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl() fails, the loop ctrl should be freed before jumping to the "out" label.

  • CVE-2021-47073MedMar 1, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() u

  • CVE-2021-47071MedMar 1, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path will not be able to free

  • CVE-2021-47070MedMar 1, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe function is never freed in the error handling path. Add the missing 'vmbus

  • CVE-2021-47068HigFeb 29, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()") fixed a refcount leak bug in bi

  • CVE-2021-47063HigFeb 29, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call drm_connector_cleanup() manually in panel_bridge_detach(), the connector will be cleaned up with the other DRM objects in the call to drm_m

  • CVE-2021-47061HigFeb 29, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guar

  • CVE-2021-47060MedFeb 29, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev() fails to allocate memory for the new instance of the bus. If it can't in

  • CVE-2021-47056MedFeb 29, 2024
    affected < 4.12.14-16.182.1fixed 4.12.14-16.182.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown() before calling adf_iov_putmsg()->mutex_lock(vf2pf_lock), however the

Page 40 of 75