rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (1,481)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47436 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() | ||
| CVE-2021-47435 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result i | ||
| CVE-2021-47434 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a | ||
| CVE-2023-52875 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. | ||
| CVE-2023-52867 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access. | ||
| CVE-2023-52865 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. | ||
| CVE-2023-52864 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, whi | ||
| CVE-2023-52855 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue(): | ||
| CVE-2023-52845 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in | ||
| CVE-2023-52843 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packe | ||
| CVE-2023-52835 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large AUX area, e.g 4GB, it fails with: #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1 failed to mmap with | ||
| CVE-2023-52834 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 ("net: alx: Work around the DMA RX overflow issue"). The alx and atl1c drivers had RX overflow error which was why a | ||
| CVE-2023-52832 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: s | ||
| CVE-2023-52821 | — | < 4.12.14-16.188.1 | 4.12.14-16.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_m | ||
| CVE-2023-52819 | — | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays. | ||
| CVE-2023-52818 | — | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays. | ||
| CVE-2023-52817 | — | < 4.12.14-16.194.1 | 4.12.14-16.194.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_r | ||
| CVE-2023-52811 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the cod | ||
| CVE-2023-52809 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() fc_lport_ptp_setup() did not check the return value of fc_rport_create() which can return NULL and would cause a NULL pointer derefere | ||
| CVE-2023-52808 | — | < 4.12.14-16.191.1 | 4.12.14-16.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debug |
- CVE-2021-47436May 22, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev()
- CVE-2021-47435May 22, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result i
- CVE-2021-47434May 22, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a
- CVE-2023-52875May 21, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
- CVE-2023-52867May 21, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access.
- CVE-2023-52865May 21, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
- CVE-2023-52864May 21, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, whi
- CVE-2023-52855May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue():
- CVE-2023-52845May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in
- CVE-2023-52843May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packe
- CVE-2023-52835May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large AUX area, e.g 4GB, it fails with: #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1 failed to mmap with
- CVE-2023-52834May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 ("net: alx: Work around the DMA RX overflow issue"). The alx and atl1c drivers had RX overflow error which was why a
- CVE-2023-52832May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: s
- CVE-2023-52821May 21, 2024affected < 4.12.14-16.188.1fixed 4.12.14-16.188.1
In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_m
- CVE-2023-52819May 21, 2024affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays.
- CVE-2023-52818May 21, 2024affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays.
- CVE-2023-52817May 21, 2024affected < 4.12.14-16.194.1fixed 4.12.14-16.194.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_r
- CVE-2023-52811May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the cod
- CVE-2023-52809May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() fc_lport_ptp_setup() did not check the return value of fc_rport_create() which can return NULL and would cause a NULL pointer derefere
- CVE-2023-52808May 21, 2024affected < 4.12.14-16.191.1fixed 4.12.14-16.191.1
In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debug
Page 19 of 75