rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,794)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53150 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref | ||
| CVE-2023-53149 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoid races with switching of journalled data flag or inode format. This lock can how | ||
| CVE-2023-53148 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between t | ||
| CVE-2023-53147 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(... | ||
| CVE-2022-50258 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument o | ||
| CVE-2022-50257 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the map_ops array would be invalid, whereas all of the entries in the kmap_ops arra | ||
| CVE-2022-50253 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbu | ||
| CVE-2022-50252 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v | ||
| CVE-2022-50249 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount. | ||
| CVE-2022-50244 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() If device_register() fails in cxl_pci_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it | ||
| CVE-2022-50242 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() If vp alloc failed in qlcnic_sriov_init(), all previously allocated vp needs to be freed. | ||
| CVE-2022-50236 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec() If the system is rebooted via isr(), the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: [ 0 | ||
| CVE-2022-50235 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack. | ||
| CVE-2025-39800 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() If we find an unexpected generation for the extent buffer we are cloning at btrfs_copy_root(), we just WARN_ON() and don't error out and | |
| CVE-2025-40300 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already | |
| CVE-2025-39787 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate | |
| CVE-2025-39782 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list() periodically release j_list_lock after processing a batch of buffers to avoid long ho | |
| CVE-2025-39773 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If the time is smaller than | |
| CVE-2025-39772 | Med | 5.5 | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmc_unload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. J | |
| CVE-2025-39764 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hin |
- CVE-2023-53150Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref
- CVE-2023-53149Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoid races with switching of journalled data flag or inode format. This lock can how
- CVE-2023-53148Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between t
- CVE-2023-53147Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(...
- CVE-2022-50258Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument o
- CVE-2022-50257Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the map_ops array would be invalid, whereas all of the entries in the kmap_ops arra
- CVE-2022-50253Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbu
- CVE-2022-50252Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v
- CVE-2022-50249Sep 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.
- CVE-2022-50244Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() If device_register() fails in cxl_pci_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it
- CVE-2022-50242Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() If vp alloc failed in qlcnic_sriov_init(), all previously allocated vp needs to be freed.
- CVE-2022-50236Sep 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec() If the system is rebooted via isr(), the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: [ 0
- CVE-2022-50235Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack.
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() If we find an unexpected generation for the extent buffer we are cloning at btrfs_copy_root(), we just WARN_ON() and don't error out and
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list() periodically release j_list_lock after processing a batch of buffers to avoid long ho
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If the time is smaller than
- affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmc_unload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. J
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hin
Page 30 of 90