VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (3,305)

  • CVE-2021-46941Feb 27, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Do core softreset when switch mode According to the programming guide, to switch mode for DRD controller, the driver needs to do the following. To switch from device to host: 1. Reset control

  • CVE-2021-46939Feb 27, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back

  • CVE-2021-46938Feb 27, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails When loading a device-mapper table for a request-based mapped device, and the allocation/initialization of the blk_mq_tag_set for th

  • CVE-2020-36777Feb 27, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: Fix memory leak in dvb_media_device_free() dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn` before setting it to NULL, as documented in include/media/media-device.h: "The m

  • CVE-2021-46936Feb 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in tw_timer_handler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7

  • CVE-2021-46933Feb 27, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmou

  • CVE-2021-46932Feb 27, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may hap

  • CVE-2021-46929Feb 27, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9

  • CVE-2021-46925Feb 27, 2024
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A crash occurs when smc_cdc_tx_handler() tries to access smc_sock but smc_release() has already freed it. [ 4570.695099] BUG: unable to handle page fault fo

  • CVE-2021-46924Feb 27, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre

  • CVE-2021-46921Feb 27, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. The writer side loops checking the va

  • CVE-2021-46915Feb 27, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: avoid possible divide error in nft_limit_init div_u64() divides u64 by u32. nft_limit_init() wants to divide u64 by u64, use the appropriate math function (div64_u64) divide error: 0000

  • CVE-2021-46909Feb 27, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probe

  • CVE-2023-52474Feb 26, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe

  • CVE-2021-46906Feb 26, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. When running the syzkaller reproducer, a rep

  • CVE-2019-25162Feb 26, 2024
    affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde

  • CVE-2019-25160Feb 26, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the

  • CVE-2022-48626Feb 25, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and

  • CVE-2021-46905Feb 25, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unco

  • CVE-2021-46904Feb 25, 2024
    affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the n

Page 133 of 166