rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (1,794)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53715 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin | ||
| CVE-2023-53707 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause unini | ||
| CVE-2023-53705 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri | ||
| CVE-2023-53696 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age | ||
| CVE-2023-53695 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the f | ||
| CVE-2022-50581 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c: | ||
| CVE-2022-50580 | — | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u | ||
| CVE-2022-50578 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in __class_register() If class_add_groups() returns error, the 'cp->subsys' need be unregister, and the 'cp' need be freed. We can not call kset_unregister() here, because the ' | ||
| CVE-2022-50571 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------[ cut her | ||
| CVE-2022-50569 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scratches() fails to allocate memory ipcomp_scratches holds obsolete address. So when we try to free the percpu scratches using ipcom | ||
| CVE-2022-50564 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucv_tx() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur | ||
| CVE-2022-50563 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in run_timer_softirq() When dm_resume() and dm_destroy() are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in __run_timers+0x173/0x710 Write of size 8 at addr ffff8 | ||
| CVE-2025-40006 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 20, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio | ||
| CVE-2025-40001 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work() in mvs_free() to cancel the delayed work item mwq->wor | ||
| CVE-2025-39998 | — | < 4.12.14-122.296.1 | 4.12.14-122.296.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in | ||
| CVE-2025-39997 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free The previous commit 0718a78f6a9f ("ALSA: usb-audio: Kill timer properly at removal") patched a UAF issue caused by the error timer. However, becau | ||
| CVE-2025-39973 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu | ||
| CVE-2025-39972 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40e_validate_queue_map Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_validate_queue_map(). | ||
| CVE-2025-39971 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_vc_config_queues_msg(). | ||
| CVE-2025-39970 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for action_meta Fix condition to check 'greater or equal' to prevent OOB dereference. |
- CVE-2023-53715Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware (e.g. BCM4387). It seems there was a simple way of passing it in bin
- CVE-2023-53707Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause unini
- CVE-2023-53705Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Veri
- CVE-2023-53696Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age
- CVE-2023-53695Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the f
- CVE-2022-50581Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: hfs: fix OOB Read in __hfs_brec_find Syzbot reported a OOB read bug: ================================================================== BUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190 fs/hfs/string.c:
- CVE-2022-50580Oct 22, 2025affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u
- CVE-2022-50578Oct 22, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in __class_register() If class_add_groups() returns error, the 'cp->subsys' need be unregister, and the 'cp' need be freed. We can not call kset_unregister() here, because the '
- CVE-2022-50571Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------[ cut her
- CVE-2022-50569Oct 22, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcomp_scratches with NULL when freed Currently if ipcomp_alloc_scratches() fails to allocate memory ipcomp_scratches holds obsolete address. So when we try to free the percpu scratches using ipcom
- CVE-2022-50564Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucv_tx() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sur
- CVE-2022-50563Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in run_timer_softirq() When dm_resume() and dm_destroy() are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in __run_timers+0x173/0x710 Write of size 8 at addr ffff8
- CVE-2025-40006Oct 20, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio
- CVE-2025-40001Oct 18, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work() in mvs_free() to cancel the delayed work item mwq->wor
- CVE-2025-39998Oct 15, 2025affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in
- CVE-2025-39997Oct 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free The previous commit 0718a78f6a9f ("ALSA: usb-audio: Kill timer properly at removal") patched a UAF issue caused by the error timer. However, becau
- CVE-2025-39973Oct 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ring_len param The `ring_len` parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this, introdu
- CVE-2025-39972Oct 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40e_validate_queue_map Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_validate_queue_map().
- CVE-2025-39971Oct 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_vc_config_queues_msg().
- CVE-2025-39970Oct 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for action_meta Fix condition to check 'greater or equal' to prevent OOB dereference.
Page 17 of 90