VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (3,305)

  • CVE-2024-47660MedOct 9, 2024
    affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1

    In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a significant amount of time. Sin

  • CVE-2024-47666Oct 9, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and re

  • CVE-2024-46865HigSep 27, 2024
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized.

  • CVE-2024-46859HigSep 27, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses The panasonic laptop code in various places uses the SINF array with index values of 0 - SINF_CUR_BRIGHT(0x0d) without checking that the SIN

  • CVE-2024-46854HigSep 27, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETH_ZLEN When sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETH_ZLEN, ensuring nothing is lea

  • CVE-2024-46853HigSep 27, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes

  • CVE-2024-46813HigSep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is return when trying to access with out-of-bound index. This fixes 3 OVERRUN and 1 RES

  • CVE-2024-46848Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perfevents: irq loop stuck! WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/co

  • CVE-2024-46841Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() We handle errors here properly, ENOMEM isn't fatal, return the error.

  • CVE-2024-46840Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: clean up our handling of refs == 0 in snapshot delete In reada we BUG_ON(refs == 0), which could be unkind since we aren't holding a lock on the extent leaf and thus could get a transient incorrect answe

  • CVE-2024-46834Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing ring count with active RSS contexts") proves that allowing indirection table to

  • CVE-2024-46826Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequ

  • CVE-2024-46822Sep 27, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted th

  • CVE-2024-46818Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported

  • CVE-2024-46816Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_D

  • CVE-2024-46809Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images before it is used BIOS images may fail to load and null checks are added before they are used. This fixes 6 NULL_RETURNS issues reported by Coverity.

  • CVE-2024-46802Sep 27, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL

  • CVE-2022-48945Sep 23, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not

  • CVE-2024-46783MedSep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will result in sending a sk_msg larger than the current message size. In this case, in

  • CVE-2024-46770MedSep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL point

Page 87 of 166