rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,794)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-54051 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because thi | ||
| CVE-2023-54048 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP | ||
| CVE-2023-54047 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dw_hdmi: cleanup drm encoder during unbind This fixes a use-after-free crash during rmmod. The DRM encoder is embedded inside the larger rockchip_hdmi, which is allocated with the component. The | ||
| CVE-2023-54045 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y && | ||
| CVE-2022-50782 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid | ||
| CVE-2022-50780 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net, but ops->init() fails, data is released. However, the ptr pointer in net->gen is | ||
| CVE-2022-50779 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): com | ||
| CVE-2022-50777 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore. | ||
| CVE-2022-50770 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_mount_volume() There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 (size 32): comm "mount.ocfs2", pid 23753, jiffies 4302528942 (age 34735. | ||
| CVE-2022-50761 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory l | ||
| CVE-2022-50760 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @fro | ||
| CVE-2022-50755 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <T | ||
| CVE-2022-50751 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295 | ||
| CVE-2022-50749 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ...... | ||
| CVE-2022-50747 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds | ||
| CVE-2022-50744 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur. The spin_ | ||
| CVE-2022-50740 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in ath9k_hif_usb_dealloc_tx_urbs(). The cause of the leak is that usb_get_urb() is c | ||
| CVE-2022-50733 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali | ||
| CVE-2022-50730 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc | ||
| CVE-2022-50728 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Dec 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur |
- CVE-2023-54051Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: net: do not allow gso_size to be set to GSO_BY_FRAGS One missing check in virtio_net_hdr_to_skb() allowed syzbot to crash kernels again [1] Do not allow gso_size to be set to GSO_BY_FRAGS (0xffff), because thi
- CVE-2023-54048Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Driver should not be scheduling any more completion handlers for this QP, after the QP
- CVE-2023-54047Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dw_hdmi: cleanup drm encoder during unbind This fixes a use-after-free crash during rmmod. The DRM encoder is embedded inside the larger rockchip_hdmi, which is allocated with the component. The
- CVE-2023-54045Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y &&
- CVE-2022-50782Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extents_status.c:202! invalid
- CVE-2022-50780Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed When the ops_init() interface is invoked to initialize the net, but ops->init() fails, data is released. However, the ptr pointer in net->gen is
- CVE-2022-50779Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object 0xffff8881652ba000 (size 4096): com
- CVE-2022-50777Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe of_phy_find_device() return device node with refcount incremented. Call put_device() to relese it when not needed anymore.
- CVE-2022-50770Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2_mount_volume() There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 (size 32): comm "mount.ocfs2", pid 23753, jiffies 4302528942 (age 34735.
- CVE-2022-50761Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xen_init_lock_cpu() In xen_init_lock_cpu(), the @name has allocated new string by kasprintf(), if bind_ipi_to_irqhandler() fails, it should be freed, otherwise may lead to a memory l
- CVE-2022-50760Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @fro
- CVE-2022-50755Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename() syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: <T
- CVE-2022-50751Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: configfs: fix possible memory leak in configfs_create_dir() kmemleak reported memory leaks in configfs_create_dir(): unreferenced object 0xffff888009f6af00 (size 192): comm "modprobe", pid 3777, jiffies 4295
- CVE-2022-50749Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ......
- CVE-2022-50747Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: hfs: Fix OOB Write in hfs_asc2mac Syzbot reported a OOB Write bug: loop0: detected capacity change from 0 to 64 ================================================================== BUG: KASAN: slab-out-of-bounds
- CVE-2022-50744Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur. The spin_
- CVE-2022-50740Dec 24, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() Syzkaller reports a long-known leak of urbs in ath9k_hif_usb_dealloc_tx_urbs(). The cause of the leak is that usb_get_urb() is c
- CVE-2022-50733Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitiali
- CVE-2022-50730Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioread_nolock When evicting an inode with default dioread_nolock, it could be raced by the unwritten extents converting kworker after writeback some new alloc
- CVE-2022-50728Dec 24, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur
Page 8 of 90