VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

  • CVE-2025-38623Aug 22, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug system after device removal a

  • CVE-2025-38618Aug 22, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by ac

  • CVE-2025-38617Aug 22, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix a

  • CVE-2025-38604Aug 19, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Kill URBs before clearing tx status queue In rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing b_tx_status.queue. This change prevents callbacks from using already freed sk

  • CVE-2025-38602Aug 19, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue since it may return NULL pointer.

  • CVE-2025-38591Aug 19, 2025
    affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = *(u8 *)(r1 + 169); exit; With pointer field sk being at of

  • CVE-2025-38574Aug 19, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptp_xmit() Commit aabc6596ffb3 ("net: ppp: Add bound checking for skb data on ppp_sync_txmung") fixed ppp_sync_txmunge() We need a similar fix in pptp_xmit(), otherwise we m

  • CVE-2025-38572Aug 19, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: reject malicious packets in ipv6_gso_segment() syzbot was able to craft a packet with very long IPv6 extension headers leading to an overflow of skb->transport_header. This 16bit field has a limited rang

  • CVE-2025-38565Aug 19, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perf_mmap() fail When perf_mmap() fails to allocate a buffer, it still invokes the event_mapped() callback of the related event. On X86 this might increase the perf_rdpmc_allowed refere

  • CVE-2025-38563Aug 19, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA split of buffer mappings The perf mmap code is careful about mmap()'ing the user page with the ringbuffer and additionally the auxiliary buffer, when the event supports it. Once the first

  • CVE-2025-38556Aug 19, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity.

  • CVE-2025-38553Aug 19, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Restrict conditions for adding duplicating netems to qdisc tree netem_enqueue's duplication prevention logic breaks when a netem resides in a qdisc tree with other netems - this can lead to a soft lo

  • CVE-2025-38546Aug 16, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clip_vcc. ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to vcc->user_back. The code assumes that vcc_destroy_socket() passes NULL skb to vcc->push() when the sock

  • CVE-2025-38539Aug 16, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Add down_write(trace_event_sem) when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum

  • CVE-2025-38527Aug 16, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileIn

  • CVE-2025-38515Aug 16, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spsc_queue_push and the run-job worker, in which spsc_queue_push may return not-first while the run-job worker has alre

  • CVE-2025-38513Aug 16, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For example, the following is possible: T0 T1 zd_m

  • CVE-2025-38512Aug 16, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAt

  • CVE-2025-38499MedAug 11, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be

  • CVE-2022-50233Aug 9, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting

Page 33 of 90