VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

  • CVE-2022-49943Jun 18, 2025
    affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1

    In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udc_mutex A recent commit expanding the scope of the udc_lock mutex in the gadget core managed to cause an obscure and slightly bizarre lockdep violation. In abbr

  • CVE-2022-49938Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the request is sent, the checks would return -EIO when they should be rather setting rc

  • CVE-2022-49937Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------[ cut here ]------------ usb 6-1: BOGUS control dir, pi

  • CVE-2022-49936Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage: ============================================ WARNING: possible recursive locking det

  • CVE-2022-49934Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF is observed when the scan is completed and __ieee80211_scan_completed() executes,

  • CVE-2025-38079HigJun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea

  • CVE-2025-38058MedJun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but befor

  • CVE-2025-38078Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization (or reconfiguration) of a stream with the explicit call of snd_pcm_forma

  • CVE-2025-38075Jun 18, 2025
    affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive response to NOPIN on CID: 0, failing connection for I_T

  • CVE-2025-38074Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex The vhost-scsi completion path may access vq->log_base when vq->log_used is already set to false. vhost-thread QEMU-thread vhost_scsi_

  • CVE-2025-38072Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init() If a faulty CXL memory device returns a broken zero LSA size in its memory device information (Identify Memory Device (Opcode 4000h), CXL spec. 3.1, 8.

  • CVE-2025-38068Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space

  • CVE-2025-38064Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on device_shutdown() Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region '(n

  • CVE-2025-38061Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() Honour the user given buffer size for the strn_len() calls (otherwise strn_len() will access memory outside of the user given buffer

  • CVE-2025-38051Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warni

  • CVE-2025-38040Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs The following splat has been observed on a SAMA5D27 platform using atmel_serial: BUG: sleeping function called from invalid context at kernel/irq

  • CVE-2025-38035Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null sk_state_change queue->state_change is set as part of nvmet_tcp_set_queue_sock(), but if the TCP connection isn't established when nvmet_tcp_set_queue_sock() is called then queue->

  • CVE-2025-38034Jun 18, 2025
    affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref btrfs_prelim_ref() calls the old and new reference variables in the incorrect order. This causes a NULL pointer dereference because oldref i

  • CVE-2025-38024Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/

  • CVE-2025-38023Jun 18, 2025
    affected < 4.12.14-122.266.1fixed 4.12.14-122.266.1

    In the Linux kernel, the following vulnerability has been resolved: nfs: handle failure of nfs_get_lock_context in unlock path When memory is insufficient, the allocation of nfs_lock_context in nfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat an nfs4_unl

Page 41 of 90