rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Vulnerabilities (1,486)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-38632	—	< 4.12.14-122.231.1	4.12.14-122.231.1	Jun 21, 2024	In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable() If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.
CVE-2024-38630	—	< 4.12.14-122.225.1	4.12.14-122.225.1	Jun 21, 2024	In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the cpu5wdt module is removing, the origin code uses del_timer() to de-activate the timer. If the timer handler is running, del_timer()
CVE-2024-38627	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 21, 2024	In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which frees "stm" so the vfree(stm) on the next line is a double free.
CVE-2024-38621	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 21, 2024	In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The ->length is the length of the buffer. The ->bytesused is how many bytes we have copied thus far. Wh
CVE-2021-4439	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->ta
CVE-2022-48771	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables use
CVE-2022-48769	—	< 4.12.14-122.228.1	4.12.14-122.228.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports [0] that his recent MacbookPro crashes in the firmware when using the variable services at runtime. The culprit appears to be a ca
CVE-2022-48761	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP Modules linke
CVE-2022-48760	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb() to return. It turns out the issue is not unlinking the UR
CVE-2022-48759	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev struct rpmsg_ctrldev contains a struct cdev. The current code frees the rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the cdev i
CVE-2022-48758	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() The bnx2fc_destroy() functions are removing the interface before calling destroy_work. This results multiple WARNings from sysfs_remo
CVE-2022-48756	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check
CVE-2022-48754	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put
CVE-2022-48751	—	< 4.12.14-122.228.1	4.12.14-122.228.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused by accessing smc->clcsock after clcsock was released. BUG: kernel NULL pointer dereference, ad
CVE-2022-48743	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the
CVE-2022-48740	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of cond_list on error paths On error path from cond_read_list() and duplicate_policydb_cond_list() the cond_list_destroy() gets called a second time in caller functions, resulting in NU
CVE-2022-48733	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:create_snapshot(), we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that
CVE-2022-48732	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's wit
CVE-2022-48722	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structure. Free the skb structu
CVE-2022-48715	—	< 4.12.14-122.222.1	4.12.14-122.222.1	Jun 20, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and r

CVE-2024-38632Jun 21, 2024
affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable() If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.
CVE-2024-38630Jun 21, 2024
affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger When the cpu5wdt module is removing, the origin code uses del_timer() to de-activate the timer. If the timer handler is running, del_timer()
CVE-2024-38627Jun 21, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev) call will trigger stm_device_release() which frees "stm" so the vfree(stm) on the next line is a double free.
CVE-2024-38621Jun 21, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The ->length is the length of the buffer. The ->bytesused is how many bytes we have copied thus far. Wh
CVE-2021-4439Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->ta
CVE-2022-48771Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables use
CVE-2022-48769Jun 20, 2024
affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports [0] that his recent MacbookPro crashes in the firmware when using the variable services at runtime. The culprit appears to be a ca
CVE-2022-48761Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP Modules linke
CVE-2022-48760Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb() to return. It turns out the issue is not unlinking the UR
CVE-2022-48759Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev struct rpmsg_ctrldev contains a struct cdev. The current code frees the rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the cdev i
CVE-2022-48758Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() The bnx2fc_destroy() functions are removing the interface before calling destroy_work. This results multiple WARNings from sysfs_remo
CVE-2022-48756Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check
CVE-2022-48754Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put
CVE-2022-48751Jun 20, 2024
affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused by accessing smc->clcsock after clcsock was released. BUG: kernel NULL pointer dereference, ad
CVE-2022-48743Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the
CVE-2022-48740Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of cond_list on error paths On error path from cond_read_list() and duplicate_policydb_cond_list() the cond_list_destroy() gets called a second time in caller functions, resulting in NU
CVE-2022-48733Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free after failure to create a snapshot At ioctl.c:create_snapshot(), we allocate a pending snapshot structure and then attach it to the transaction's list of pending snapshots. After that
CVE-2022-48732Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's wit
CVE-2022-48722Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structure. Free the skb structu
CVE-2022-48715Jun 20, 2024
affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and r

Page 13 of 75