rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,794)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-50408 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); may be schedule, and then complete before the line > ndev->stats.tx_bytes += skb-> | ||
| CVE-2022-50406 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buf | ||
| CVE-2022-50405 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all sk_user_data reader finish before releasing the sock There is a race condition in vxlan that when deleting a vxlan device during receiving packets, there is a possibility that the soc | ||
| CVE-2022-50402 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Check the return value of md_bitmap_get_counter() in case it returns NULL pointer, which will result in a null pointer dereference. v2: u | ||
| CVE-2022-50401 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure On error situation `clp->cl_cb_conn.cb_xprt` should not be given a reference to the xprt otherwise both client cleanup and the error handling p | ||
| CVE-2023-53400 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names get_line_out_pfx() may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As | ||
| CVE-2023-53397 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in is_executable_section() The > comparison should be >= to prevent an out of bounds array access. | ||
| CVE-2023-53395 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruct | ||
| CVE-2023-53393 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device Currently, when mlx5_ib_get_hw_stats() is used for device (port_num = 0), there is a special handling in order to use the correct counters, but, port_num | ||
| CVE-2023-53384 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiex_handle_uap_rx_forward()', always check the value returned by 'skb_copy()' to avoid potential NULL pointer dereference in 'mwifiex_uap_queue | ||
| CVE-2023-53380 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if n | ||
| CVE-2023-53373 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller | ||
| CVE-2023-53369 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCB_ATTR_BCN The dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN], which is introduced in commit 859ee3c43812 ("DCB: Add support for DCB BCN"). Please se | ||
| CVE-2022-50396 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_set_parms Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810c287f00 (size 256): comm "syz- | ||
| CVE-2022-50395 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrity_init_keyring(). However, if keyring allocation failed, it is not freed, causing memory leaks. | ||
| CVE-2022-50394 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not check the data from the user, the variable 'data->block[0]' may be very large to cause an out-of-bounds bug. The following log can | ||
| CVE-2022-50389 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is n | ||
| CVE-2022-50386 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct | ||
| CVE-2022-50385 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead. | ||
| CVE-2022-50381 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The reason for the crash is this: * super_written calls atomic_dec_and_test(&mddev->pen |
- CVE-2022-50408Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() > ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb); may be schedule, and then complete before the line > ndev->stats.tx_bytes += skb->
- CVE-2022-50406Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buf
- CVE-2022-50405Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: net/tunnel: wait until all sk_user_data reader finish before releasing the sock There is a race condition in vxlan that when deleting a vxlan device during receiving packets, there is a possibility that the soc
- CVE-2022-50402Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() Check the return value of md_bitmap_get_counter() in case it returns NULL pointer, which will result in a null pointer dereference. v2: u
- CVE-2022-50401Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure On error situation `clp->cl_cb_conn.cb_xprt` should not be given a reference to the xprt otherwise both client cleanup and the error handling p
- CVE-2023-53400Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names get_line_out_pfx() may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As
- CVE-2023-53397Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in is_executable_section() The > comparison should be >= to prevent an out of bounds array access.
- CVE-2023-53395Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruct
- CVE-2023-53393Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device Currently, when mlx5_ib_get_hw_stats() is used for device (port_num = 0), there is a special handling in order to use the correct counters, but, port_num
- CVE-2023-53384Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiex_handle_uap_rx_forward()', always check the value returned by 'skb_copy()' to avoid potential NULL pointer dereference in 'mwifiex_uap_queue
- CVE-2023-53380Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request There are two check of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if n
- CVE-2023-53373Sep 18, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller
- CVE-2023-53369Sep 18, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCB_ATTR_BCN The dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN], which is introduced in commit 859ee3c43812 ("DCB: Add support for DCB BCN"). Please se
- CVE-2022-50396Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_set_parms Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810c287f00 (size 256): comm "syz-
- CVE-2022-50395Sep 18, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrity_init_keyring(). However, if keyring allocation failed, it is not freed, causing memory leaks.
- CVE-2022-50394Sep 18, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not check the data from the user, the variable 'data->block[0]' may be very large to cause an out-of-bounds bug. The following log can
- CVE-2022-50389Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak In crb_acpi_add(), we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is n
- CVE-2022-50386Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct
- CVE-2022-50385Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount() When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead.
- CVE-2022-50381Sep 18, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when running the lvm test shell/lvchange-rebuild-raid.sh. The reason for the crash is this: * super_written calls atomic_dec_and_test(&mddev->pen
Page 24 of 90