VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (3,305)

  • CVE-2021-47061Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guar

  • CVE-2021-47060Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev() fails to allocate memory for the new instance of the bus. If it can't in

  • CVE-2021-47056Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown() before calling adf_iov_putmsg()->mutex_lock(vf2pf_lock), however the

  • CVE-2021-47055Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e

  • CVE-2021-47054Feb 29, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro for_

  • CVE-2024-26615Feb 29, 2024
    affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1

  • CVE-2024-26614Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU:

  • CVE-2023-52488Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d

  • CVE-2023-52486Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from

  • CVE-2023-52482Feb 29, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which exists on Hygon processors too.

  • CVE-2023-52478Feb 29, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidpp_connect_event() has *four* time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs fro

  • CVE-2023-52477Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and init

  • CVE-2023-52476Feb 29, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur

  • CVE-2023-52475Feb 29, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free f

  • CVE-2023-51779HigFeb 29, 2024
    affected < 4.12.14-122.189.1fixed 4.12.14-122.189.1

    bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.

  • CVE-2021-47049Feb 28, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in __vmbus_open() The "open_info" variable is added to the &vmbus_connection.chn_msg_list, but the error handling frees "open_info" without removing it from the list. This wi

  • CVE-2021-47045Feb 28, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb() It is possible to call lpfc_issue_els_plogi() passing a did for which no matching ndlp is found. A call is then made to lpfc_prep_els_iocb() with

  • CVE-2021-47034Feb 28, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radix__set_pte_at(

  • CVE-2021-47024Feb 28, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: free queued packets when closing socket As reported by syzbot [1], there is a memory leak while closing the socket. We partially solved this issue with commit ac03046ece2b ("vsock/virtio: free pac

  • CVE-2021-47015Feb 28, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are

Page 131 of 166