rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-21806	Med	5.5	< 4.12.14-122.258.1	4.12.14-122.258.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget
CVE-2025-21821		—	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm
CVE-2025-21802		—	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem
CVE-2025-21796	Hig	7.8	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the
CVE-2025-21787	Med	5.5	< 4.12.14-122.261.1	4.12.14-122.261.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli
CVE-2025-21776	Med	5.5	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen
CVE-2025-21772	Hig	7.8	< 4.12.14-122.258.1	4.12.14-122.258.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2025-21766	Med	5.5	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
CVE-2025-21765	Med	5.5	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
CVE-2025-21764	Hig	7.8	< 4.12.14-122.258.1	4.12.14-122.258.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
CVE-2025-21763	Hig	7.8	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21762	Hig	7.8	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21760	Hig	7.8	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
CVE-2025-21758	Med	5.5	< 4.12.14-122.258.1	4.12.14-122.258.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation
CVE-2025-21753	Hig	7.8	< 4.12.14-122.250.1	4.12.14-122.250.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a
CVE-2025-21744	Med	5.5	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the int
CVE-2025-21735	Hig	7.8	< 4.12.14-122.258.1	4.12.14-122.258.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, nci_hci_connect_gate(
CVE-2024-58020	Med	5.5	< 4.12.14-122.293.1	4.12.14-122.293.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure
CVE-2024-58017	Med	5.5	< 4.12.14-122.258.1	4.12.14-122.258.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before perfor
CVE-2024-58014	Hig	7.1	< 4.12.14-122.255.1	4.12.14-122.255.1	Feb 27, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.

CVE-2025-21806MedFeb 27, 2025
affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1
In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget
CVE-2025-21821Feb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm
CVE-2025-21802Feb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem
CVE-2025-21796HigFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the
CVE-2025-21787MedFeb 27, 2025
affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1
In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli
CVE-2025-21776MedFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen
CVE-2025-21772HigFeb 27, 2025
affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1
In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede
CVE-2025-21766MedFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
CVE-2025-21765MedFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
CVE-2025-21764HigFeb 27, 2025
affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
CVE-2025-21763HigFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21762HigFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.
CVE-2025-21760HigFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
CVE-2025-21758MedFeb 27, 2025
affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation
CVE-2025-21753HigFeb 27, 2025
affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a
CVE-2025-21744MedFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the int
CVE-2025-21735HigFeb 27, 2025
affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in nci_hci_create_pipe() The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, nci_hci_connect_gate(
CVE-2024-58020MedFeb 27, 2025
affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configure
CVE-2024-58017MedFeb 27, 2025
affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before perfor
CVE-2024-58014HigFeb 27, 2025
affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.

Page 54 of 90