VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (1,794)

  • CVE-2024-56574Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: media: ts2020: fix null-ptr-deref in ts2020_probe() KASAN reported a null-ptr-deref issue when executing the following command: # echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device KASAN: null-ptr-

  • CVE-2024-56570Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such

  • CVE-2024-56569Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo "write*:mod:ext3" > /sys/kernel/tracing/stack_trace_filter The current mod command causes a nu

  • CVE-2024-56551Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000027] Read of size 8 at addr ffff8881b8605f88 by task amd_pci_unplug

  • CVE-2024-56548Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like

  • CVE-2024-56539Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() Replace one-element array with a flexible-array member in `struct mwifiex_ie_types_wildcard_ssid_params` to fix the following wa

  • CVE-2024-56533Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but thi

  • CVE-2024-56532Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but th

  • CVE-2024-56531Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but thi

  • CVE-2024-53239Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as

  • CVE-2024-53227Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dump_s

  • CVE-2024-53224Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles

  • CVE-2024-53217Dec 27, 2024
    affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() will try to dereference @se

  • CVE-2024-53214Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID great

  • CVE-2024-53210Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount (skb->users) and iucv_sock_recvmsg() does not decrement skb refcount at exit.

  • CVE-2024-53198Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() This patch fixes an issue in the function xenbus_dev_probe(). In the xenbus_dev_probe() function, within the if (err) branch at l

  • CVE-2024-53197KEVDec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

  • CVE-2024-53194Dec 27, 2024
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c ("thunderbolt: Reset USB4 v2 host router") and commit 59a54c5

  • CVE-2024-53185Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response, the client uses

  • CVE-2024-53179Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas

Page 72 of 90