VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

  • CVE-2024-57890Jan 15, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pa

  • CVE-2024-57888Jan 15, 2025
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM") amdgpu started seeing the following

  • CVE-2024-57887Jan 15, 2025
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue by dropp

  • CVE-2024-57884Jan 15, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in throttle_direct_reclaim() because allow_direct_reclaim(pgdat) keeps returning fal

  • CVE-2024-57849Jan 11, 2025
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu() ... CPUHP

  • CVE-2024-57791Jan 11, 2025
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should no

  • CVE-2024-56369Jan 11, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() drm_mode_vrefresh() is trying to avoid divide by zero by checking whether htotal or vtotal are zero. But we may still end up with a div-by-zero of v

  • CVE-2024-55916Jan 11, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP (or VSS) daemon starts before the VMBus channel's ringbuffer is fully initialized, we can hit the panic below: hv_utils: Registeri

  • CVE-2024-49571Jan 11, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg When receiving proposal msg in server, the field iparea_offset and the field ipv6_prefixes_cnt in proposal msg are from the remote

  • CVE-2024-54683Jan 11, 2025
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the same time as a read of its file in sysfs: | ======================================

  • CVE-2024-53680Jan 11, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instr

  • CVE-2024-52332Jan 11, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when

  • CVE-2024-48881Jan 11, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again Commit 028ddcac477b ("bcache: Remove unnecessary NULL point check in node allocations") leads a NULL pointer deference in cache_set_flush(). 1721

  • CVE-2024-47809Jan 11, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called from request_lock() as lkb->lkb_resource is not assigned yet, only after validat

  • CVE-2024-47141Jan 11, 2025
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the same functionality, we are seeing NULL pointer issue while accessing desc->mux_owne

  • CVE-2024-56779Jan 8, 2025
    affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequen

  • CVE-2024-56770Jan 8, 2025
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of

  • CVE-2024-56769Jan 6, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b

  • CVE-2024-56763Jan 6, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.

  • CVE-2024-56759Jan 6, 2025
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled

Page 69 of 90