rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (1,878)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-53197 | — | KEV | < 4.12.14-122.247.1 | 4.12.14-122.247.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating | |
| CVE-2024-53194 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c ("thunderbolt: Reset USB4 v2 host router") and commit 59a54c5 | ||
| CVE-2024-53185 | — | < 4.12.14-122.247.1 | 4.12.14-122.247.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response, the client uses | ||
| CVE-2024-53179 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas | ||
| CVE-2024-53173 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs | ||
| CVE-2024-53172 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names while attaching Since commit 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y"), the duplicate slab cache names can be detected and a kernel WARNIN | ||
| CVE-2024-53168 | — | < 4.12.14-122.261.1 | 4.12.14-122.261.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID | ||
| CVE-2024-53157 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero. dvfs_info.opp_count may be zero on some plat | ||
| CVE-2024-53156 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255 | ||
| CVE-2024-53155 | — | < 4.12.14-122.247.1 | 4.12.14-122.247.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2_file_read_iter() Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_iter+0x9a4/0xf80 __io_read | ||
| CVE-2024-53150 | — | KEV | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provid | |
| CVE-2024-53146 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that | ||
| CVE-2024-53240 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t | ||
| CVE-2024-53144 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ | ||
| CVE-2024-5660 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 10, 2024 | Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 | ||
| CVE-2024-53142 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG | ||
| CVE-2024-53141 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f | ||
| CVE-2024-53140 | — | < 4.12.14-122.255.1 | 4.12.14-122.255.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual | ||
| CVE-2024-53136 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. A | ||
| CVE-2024-53124 | Med | 4.7 | < 4.12.14-122.255.1 | 4.12.14-122.255.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules |
- affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating
- CVE-2024-53194Dec 27, 2024affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c ("thunderbolt: Reset USB4 v2 host router") and commit 59a54c5
- CVE-2024-53185Dec 27, 2024affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response, the client uses
- CVE-2024-53179Dec 27, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses->auth_key.response with SMB2.1 + sign mounts which occurs due to following race: task A tas
- CVE-2024-53173Dec 27, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs
- CVE-2024-53172Dec 27, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names while attaching Since commit 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y"), the duplicate slab cache names can be detected and a kernel WARNIN
- CVE-2024-53168Dec 27, 2024affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
- CVE-2024-53157Dec 24, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero. dvfs_info.opp_count may be zero on some plat
- CVE-2024-53156Dec 24, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255
- CVE-2024-53155Dec 24, 2024affected < 4.12.14-122.247.1fixed 4.12.14-122.247.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2_file_read_iter() Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_iter+0x9a4/0xf80 __io_read
- affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provid
- CVE-2024-53146Dec 24, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that
- CVE-2024-53240Dec 24, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: xen/netfront: fix crash when removing device When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been setup again, causing a crash during the attempt t
- CVE-2024-53144Dec 17, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ
- CVE-2024-5660Dec 10, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2
- CVE-2024-53142Dec 6, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALG
- CVE-2024-53141Dec 6, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f
- CVE-2024-53140Dec 4, 2024affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual
- CVE-2024-53136Dec 4, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. A
- affected < 4.12.14-122.255.1fixed 4.12.14-122.255.1
In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules
Page 77 of 94