VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (1,878)

  • CVE-2024-58083Mar 6, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verify the target vCPU is fully online _prior_ to clamping the index in kvm_get_vcpu(). If the index is "bad", the nospec clamping will

  • CVE-2024-58052Mar 6, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom

  • CVE-2022-49733Mar 2, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls snd_pcm_oss_make_ready() at first, the

  • CVE-2025-21814MedFeb 27, 2025
    affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1

    In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affecte

  • CVE-2025-21806MedFeb 27, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned 1, exceeding its budget

  • CVE-2025-21821Feb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm

  • CVE-2025-21802Feb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it rem

  • CVE-2025-21796HigFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the

  • CVE-2025-21787MedFeb 27, 2025
    affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1

    In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inli

  • CVE-2025-21776MedFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer: Oops: gen

  • CVE-2025-21772HigFeb 27, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use put_dev_sector(), since the preceding read_part_sector() succeede

  • CVE-2025-21766MedFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.

  • CVE-2025-21765MedFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.

  • CVE-2025-21764HigFeb 27, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.

  • CVE-2025-21763HigFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.

  • CVE-2025-21762HigFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.

  • CVE-2025-21760HigFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.

  • CVE-2025-21758MedFeb 27, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocation

  • CVE-2025-21753HigFeb 27, 2025
    affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock a

  • CVE-2025-21744MedFeb 27, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the int

Page 58 of 94