rpm package
suse/kernel-rt&distro=SUSE Linux Enterprise Real Time 12 SP5
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5
Vulnerabilities (1,429)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-43890 | Med | 5.5 | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum n | |
| CVE-2024-43914 | — | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUG_ON() can b | ||
| CVE-2024-43912 | — | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels is | ||
| CVE-2024-43907 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference | ||
| CVE-2024-43905 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference. | ||
| CVE-2024-43904 | — | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These var | ||
| CVE-2024-43902 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity. | ||
| CVE-2024-43900 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the mo | ||
| CVE-2024-43892 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creat | ||
| CVE-2024-43884 | — | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the func | ||
| CVE-2024-43883 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak | ||
| CVE-2022-48938 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overf | ||
| CVE-2022-48931 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: configfs: fix a race in configfs_{,un}register_subsystem() When configfs_register_subsystem() or configfs_unregister_subsystem() is executing link_group() or unlink_group(), it is possible that two processes ad | ||
| CVE-2022-48930 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/ib_srp: Fix a deadlock Remove the flush_workqueue(system_long_wq) call since flushing system_long_wq is deadlock-prone and since that call is redundant with a preceding cancel_work_sync() | ||
| CVE-2022-48943 | — | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvm_arch_can_dequeue_async_page_present() to determine whether to deliver a READY event to | ||
| CVE-2022-48925 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the state is not idle then resolve_prepare_src() should immediately fail and no change to global state should happen. However, it unconditiona | ||
| CVE-2022-48920 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from __writeback_inodes_sb_nr(): | ||
| CVE-2022-48919 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free | ||
| CVE-2022-48911 | — | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet | ||
| CVE-2022-48910 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | Aug 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6_mc_down() at most once There are two reasons for addrconf_notify() to be called with NETDEV_DOWN: either the network device is actually going down, or IPv6 was disabled on the int |
- affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix overflow in get_free_elt() "tracing_map->next_elt" in get_free_elt() is at risk of overflowing. Once it overflows, new elements can still be inserted into the tracing_map even though the maximum n
- CVE-2024-43914Aug 26, 2024affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUG_ON() can b
- CVE-2024-43912Aug 26, 2024affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels is
- CVE-2024-43907Aug 26, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference
- CVE-2024-43905Aug 26, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference.
- CVE-2024-43904Aug 26, 2024affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These var
- CVE-2024-43902Aug 26, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.
- CVE-2024-43900Aug 26, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the mo
- CVE-2024-43892Aug 26, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr Commit 73f576c04b94 ("mm: memcontrol: fix cgroup creation failure after many small jobs") decoupled the memcg IDs from the CSS ID space to fix the cgroup creat
- CVE-2024-43884Aug 26, 2024affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the func
- CVE-2024-43883Aug 23, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak
- CVE-2022-48938Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overf
- CVE-2022-48931Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: configfs: fix a race in configfs_{,un}register_subsystem() When configfs_register_subsystem() or configfs_unregister_subsystem() is executing link_group() or unlink_group(), it is possible that two processes ad
- CVE-2022-48930Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/ib_srp: Fix a deadlock Remove the flush_workqueue(system_long_wq) call since flushing system_long_wq is deadlock-prone and since that call is redundant with a preceding cancel_work_sync()
- CVE-2022-48943Aug 22, 2024affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvm_arch_can_dequeue_async_page_present() to determine whether to deliver a READY event to
- CVE-2022-48925Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the state is not idle then resolve_prepare_src() should immediately fail and no change to global state should happen. However, it unconditiona
- CVE-2022-48920Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from __writeback_inodes_sb_nr():
- CVE-2022-48919Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free
- CVE-2022-48911Aug 22, 2024affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet
- CVE-2022-48910Aug 22, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6_mc_down() at most once There are two reasons for addrconf_notify() to be called with NETDEV_DOWN: either the network device is actually going down, or IPv6 was disabled on the int
Page 4 of 72