VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Vulnerabilities (3,305)

  • CVE-2024-46737Sep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds() the kernel crashes in nvmet_tcp_release_queue_work() because of a NULL pointer dereference.

  • CVE-2024-46731Sep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0.

  • CVE-2024-46724Sep 18, 2024
    affected < 4.12.14-122.234.1fixed 4.12.14-122.234.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Check the fb_channel_number range to avoid the array out-of-bounds read error

  • CVE-2024-46723Sep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that read ucode[] may out-of-bounds.

  • CVE-2024-46722Sep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning Clear warning that read mc_data[i-1] may out-of-bounds.

  • CVE-2024-46721Sep 18, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile->parent->dents[AAFS_PROF_DIR] could be NULL only if its parent is made from __create_missing_ancestors(..) and 'ent->old' is NULL in aa_replace_profiles(.

  • CVE-2024-46713Sep 13, 2024
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment th

  • CVE-2024-46707Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest hasn't been configured with GICv3 and that the host is not capable of GICv2 emulation, a write to any of the

  • CVE-2024-46702Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed from the PCIe side as a result of NVM firmware authentication, if

  • CVE-2024-46679MedSep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to read device state when the device is not actually present. eg: [exception

  • CVE-2024-46686Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() This happens when called from SMB2_read() while using rdma and reaching the rdma_readwrite_threshold.

  • CVE-2024-46685Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of poi

  • CVE-2024-46677Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfd_lookup() fails, gtp_encap_enable_socket() returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it

  • CVE-2024-46676Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination successfully passes the check 'if (!im_protocols && !tm_protocols)' in the nfc_start_p

  • CVE-2024-46675Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access This commit addresses an issue where the USB core could access an invalid event buffer address during runtime suspend, potentially causing S

  • CVE-2024-46673Sep 13, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one() calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter(). If aa

  • CVE-2024-45016MedSep 11, 2024
    affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1

    In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails There is a bug in netem_enqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUG_ON in __skb_to_sgvec") that can lead to a use-after-free.

  • CVE-2024-45021Sep 11, 2024
    affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1

    In the Linux kernel, the following vulnerability has been resolved: memcg_write_event_control(): fix a user-triggerable oops we are *not* guaranteed that anything past the terminating NUL is mapped (let alone initialized with anything sane).

  • CVE-2023-52915Sep 6, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer In af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be

  • CVE-2024-44987HigSep 4, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in ip6_send_skb() [1] After ip6_local_out() has returned, we no longer can safely dereference rt, unless we hold rcu_read_lock(). A similar issue has

Page 89 of 166