VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Vulnerabilities (263)

  • CVE-2022-50067Jun 18, 2025
    affected < 3.0.101-108.186.1fixed 3.0.101-108.186.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() In btrfs_relocate_block_group(), the rc is allocated. Then btrfs_relocate_block_group() calls relocate_block_group() prepare_t

  • CVE-2022-49937Jun 18, 2025
    affected < 3.0.101-108.186.1fixed 3.0.101-108.186.1

    In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------[ cut here ]------------ usb 6-1: BOGUS control dir, pi

  • CVE-2025-38079HigJun 18, 2025
    affected < 3.0.101-108.189.1fixed 3.0.101-108.189.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

  • CVE-2023-53117May 2, 2025
    affected < 3.0.101-108.189.1fixed 3.0.101-108.189.1

    In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369

  • CVE-2025-22004Apr 3, 2025
    affected < 3.0.101-108.183.1fixed 3.0.101-108.183.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

  • CVE-2025-21971Apr 1, 2025
    affected < 3.0.101-108.189.1fixed 3.0.101-108.189.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe

  • CVE-2023-53032Mar 27, 2025
    affected < 3.0.101-108.186.1fixed 3.0.101-108.186.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. When first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of an arithmetic expression 2 << (netmask - mask_bits - 1)

  • CVE-2023-53000Mar 27, 2025
    affected < 3.0.101-108.183.1fixed 3.0.101-108.183.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype)

  • CVE-2023-52974Mar 27, 2025
    affected < 3.0.101-108.183.1fixed 3.0.101-108.183.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress If during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails, userspace could be accessing the host's ipaddress attr. If we th

  • CVE-2023-52973Mar 27, 2025
    affected < 3.0.101-108.183.1fixed 3.0.101-108.183.1

    In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF After a call to console_unlock() in vcs_read() the vc_data struct can be freed by vc_deallocate(). Because of that, the struct vc_data p

  • CVE-2022-49733Mar 2, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls snd_pcm_oss_make_ready() at first, the

  • CVE-2025-21772HigFeb 27, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede

  • CVE-2024-57996MedFeb 27, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

  • CVE-2025-21738Feb 27, 2025
    affected < 3.0.101-108.204.1fixed 3.0.101-108.204.1

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com

  • CVE-2025-21718Feb 27, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN

  • CVE-2022-49545Feb 26, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pending work, which would eventually access the rawmidi runtime object that is bei

  • CVE-2022-49291Feb 26, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hw_params and hw_free calls Currently we have neither proper check nor protection against the concurrent calls of PCM hw_params and hw_free ioctls, which may result in a UA

  • CVE-2022-49288Feb 26, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. Th

  • CVE-2022-49272Feb 26, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCM runtime->buffer_mutex and the mm->mmap_lock. It was brought by the recent fix to cover the

  • CVE-2021-47633Feb 26, 2025
    affected < 3.0.101-108.180.1fixed 3.0.101-108.180.1

    In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in ath5k_eeprom_convert_pcal_info_5111. When none of the curve is selected in the loop, idx can go up t

Page 3 of 14