rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,794)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40081 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB). | ||
| CVE-2025-40078 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpf_sock_addr Syzkaller found a kernel warning on the following sock_addr program: 0: r0 = 0 1: r2 = *(u32 *)(r1 +60) 2: exit which triggers: verifier bug: e | ||
| CVE-2025-40075 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: use dst_dev_net_rcu() Replace three dst_dev() with a lockdep enabled helper. | ||
| CVE-2025-40070 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: pps: fix warning in pps_register_cdev when register device fail Similar to previous commit 2a934fdb01db ("media: v4l2-dev: fix error handling in __video_register_device()"), the release hook should be set befor | ||
| CVE-2025-40064 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in __pnet_find_base_ndev(). syzbot reported use-after-free of net_device in __pnet_find_base_ndev(), which was called during connect(). [0] smc_pnet_find_ism_resource() fetches sk_dst_g | ||
| CVE-2025-40055 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a | ||
| CVE-2025-40053 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer | ||
| CVE-2025-40049 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval | ||
| CVE-2025-40048 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us | ||
| CVE-2025-40044 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m | ||
| CVE-2025-40035 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole aft | ||
| CVE-2025-40030 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux | ||
| CVE-2025-40082 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290 | ||
| CVE-2025-40040 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise syzkaller discovered the following crash: (kernel BUG) [ 44.607039] ------------[ cut here ]------------ [ 44.607422] kernel BUG at mm/userfaultfd.c:2067! | ||
| CVE-2025-40027 | — | < 4.12.14-122.283.1 | 4.12.14-122.283.1 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9_fd_cancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: | ||
| CVE-2025-40018 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr | ||
| CVE-2023-53733 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 24, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode When u32_replace_hw_knode fails, we need to undo the tcf_bind_filter operation done at u32_set_parms. | ||
| CVE-2023-53722 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows | ||
| CVE-2023-53718 | — | < 4.12.14-122.290.1 | 4.12.14-122.290.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in | ||
| CVE-2023-53717 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Oct 22, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm |
- CVE-2025-40081Oct 28, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).
- CVE-2025-40078Oct 28, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpf_sock_addr Syzkaller found a kernel warning on the following sock_addr program: 0: r0 = 0 1: r2 = *(u32 *)(r1 +60) 2: exit which triggers: verifier bug: e
- CVE-2025-40075Oct 28, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: use dst_dev_net_rcu() Replace three dst_dev() with a lockdep enabled helper.
- CVE-2025-40070Oct 28, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: pps: fix warning in pps_register_cdev when register device fail Similar to previous commit 2a934fdb01db ("media: v4l2-dev: fix error handling in __video_register_device()"), the release hook should be set befor
- CVE-2025-40064Oct 28, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in __pnet_find_base_ndev(). syzbot reported use-after-free of net_device in __pnet_find_base_ndev(), which was called during connect(). [0] smc_pnet_find_ism_resource() fetches sk_dst_g
- CVE-2025-40055Oct 28, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a
- CVE-2025-40053Oct 28, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer
- CVE-2025-40049Oct 28, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval
- CVE-2025-40048Oct 28, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us
- CVE-2025-40044Oct 28, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images m
- CVE-2025-40035Oct 28, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak Struct ff_effect_compat is embedded twice inside uinput_ff_upload_compat, contains internal padding. In particular, there is a hole aft
- CVE-2025-40030Oct 28, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmux_ops::get_function_name() While the API contract in docs doesn't specify it explicitly, the generic implementation of the get_function_name() callback from struct pinmux
- CVE-2025-40082Oct 28, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290
- CVE-2025-40040Oct 28, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise syzkaller discovered the following crash: (kernel BUG) [ 44.607039] ------------[ cut here ]------------ [ 44.607422] kernel BUG at mm/userfaultfd.c:2067!
- CVE-2025-40027Oct 28, 2025affected < 4.12.14-122.283.1fixed 4.12.14-122.283.1
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9_fd_cancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN:
- CVE-2025-40018Oct 24, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr
- CVE-2023-53733Oct 24, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode When u32_replace_hw_knode fails, we need to undo the tcf_bind_filter operation done at u32_set_parms.
- CVE-2023-53722Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-of-bounds in raid1_remove_disk(). We have already found similar reports as follows
- CVE-2023-53718Oct 22, 2025affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpu_buffer during resize process When ring_buffer_swap_cpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in
- CVE-2023-53717Oct 22, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9k_wm
Page 16 of 90