VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

  • CVE-2024-56642Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanup_bearer() without repro. [0][1] When bearer_disable() calls tipc_udp_disable(),

  • CVE-2024-56641Dec 27, 2024
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize close_work early to avoid warning We encountered a warning that close_work was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x

  • CVE-2024-56640Dec 27, 2024
    affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access uns

  • CVE-2024-56637Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ip_set.ko while it is itself requesting a set type backend module, leading to a kernel crash. The race condition may be pr

  • CVE-2024-56633Dec 27, 2024
    affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1

    In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg The current sk memory accounting logic in __SK_REDIRECT is pre-uncharging tosend bytes, which is either msg->sg.size or a smaller value apply_bytes. Po

  • CVE-2024-56630Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2_get_init_inode() fails syzbot is reporting busy inodes after unmount, for commit 9c89fe0af826 ("ocfs2: Handle error from dquot_initialize()") forgot to call iput() when new_inode()

  • CVE-2024-56623Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On settin

  • CVE-2024-56616Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 byte accounting for the message body CRC (aka message data CRC) at the end of the

  • CVE-2024-56615Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes.

  • CVE-2024-56606Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: af_packet: avoid erroring out after sock_init_data() in packet_create() After sock_init_data() the allocated sk object is attached to the provided sock object. On error, packet_create() frees the sk object leav

  • CVE-2024-56605Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk o

  • CVE-2024-56604Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but l

  • CVE-2024-56603Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_init_data() has already attached it to the provided sock object. This will leave a d

  • CVE-2024-56601Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock o

  • CVE-2024-56600Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the

  • CVE-2024-56599Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10k_sdio_remove() will free sdio workqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_DEFAULT_ON is set to yes,

  • CVE-2024-56594Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: set the right AMDGPU sg segment limitation The driver needs to set the correct max_segment_size; otherwise debug_dma_map_sg() will complain about the over-mapping of the AMDGPU sg length as followin

  • CVE-2024-56593Dec 27, 2024
    affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sd_sgentry_align' value applies (e.g. 512

  • CVE-2024-56590Dec 27, 2024
    affected < 4.12.14-122.258.1fixed 4.12.14-122.258.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past

  • CVE-2024-56587Dec 27, 2024
    affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1

    In the Linux kernel, the following vulnerability has been resolved: leds: class: Protect brightness_show() with led_cdev->led_access mutex There is NULL pointer issue observed if from Process A where hid device being added which results in adding a led_cdev addition and later a

Page 71 of 90