rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (1,486)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52502 | — | < 4.12.14-122.201.1 | 4.12.14-122.201.1 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s | ||
| CVE-2022-48627 | — | < 4.12.14-122.201.1 | 4.12.14-122.201.1 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m | ||
| CVE-2021-47078 | — | < 4.12.14-122.201.1 | 4.12.14-122.201.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Clear all QP fields if creation failed rxe_qp_do_cleanup() relies on valid pointer values in QP for the properly created ones, but in case rxe_qp_from_init() failed it was filled with garbage and caus | ||
| CVE-2021-47077 | — | < 4.12.14-122.201.1 | 4.12.14-122.201.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedf_update_link_speed() The following trace was observed: [ 14.042059] Call Trace: [ 14.042061] [ 14.042068] qedf_link_update+0x144/0x1f0 [qedf] [ 14.0421 | ||
| CVE-2021-47076 | — | < 4.12.14-122.201.1 | 4.12.14-122.201.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitl | ||
| CVE-2021-47074 | — | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvme_loop_create_ctrl() When creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl() fails, the loop ctrl should be freed before jumping to the "out" label. | ||
| CVE-2021-47073 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() u | ||
| CVE-2021-47071 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path will not be able to free | ||
| CVE-2021-47070 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe function is never freed in the error handling path. Add the missing 'vmbus | ||
| CVE-2021-47068 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()") fixed a refcount leak bug in bi | ||
| CVE-2021-47063 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call drm_connector_cleanup() manually in panel_bridge_detach(), the connector will be cleaned up with the other DRM objects in the call to drm_m | ||
| CVE-2021-47061 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guar | ||
| CVE-2021-47060 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev() fails to allocate memory for the new instance of the bus. If it can't in | ||
| CVE-2021-47056 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown() before calling adf_iov_putmsg()->mutex_lock(vf2pf_lock), however the | ||
| CVE-2021-47055 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e | ||
| CVE-2021-47054 | — | < 4.12.14-122.201.1 | 4.12.14-122.201.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro for_ | ||
| CVE-2024-26615 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1 | ||
| CVE-2024-26614 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: | ||
| CVE-2023-52488 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d | ||
| CVE-2023-52486 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from |
- CVE-2023-52502Mar 2, 2024affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock s
- CVE-2022-48627Mar 2, 2024affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1
In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m
- CVE-2021-47078Mar 1, 2024affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Clear all QP fields if creation failed rxe_qp_do_cleanup() relies on valid pointer values in QP for the properly created ones, but in case rxe_qp_from_init() failed it was filled with garbage and caus
- CVE-2021-47077Mar 1, 2024affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedf_update_link_speed() The following trace was observed: [ 14.042059] Call Trace: [ 14.042061] [ 14.042068] qedf_link_update+0x144/0x1f0 [qedf] [ 14.0421
- CVE-2021-47076Mar 1, 2024affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic operation with an explicitl
- CVE-2021-47074Mar 1, 2024affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvme_loop_create_ctrl() When creating loop ctrl in nvme_loop_create_ctrl(), if nvme_init_ctrl() fails, the loop ctrl should be freed before jumping to the "out" label.
- CVE-2021-47073Mar 1, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() u
- CVE-2021-47071Mar 1, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path will not be able to free
- CVE-2021-47070Mar 1, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe function is never freed in the error handling path. Add the missing 'vmbus
- CVE-2021-47068Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()") fixed a refcount leak bug in bi
- CVE-2021-47063Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call drm_connector_cleanup() manually in panel_bridge_detach(), the connector will be cleaned up with the other DRM objects in the call to drm_m
- CVE-2021-47061Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guar
- CVE-2021-47060Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev() fails to allocate memory for the new instance of the bus. If it can't in
- CVE-2021-47056Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown() before calling adf_iov_putmsg()->mutex_lock(vf2pf_lock), however the
- CVE-2021-47055Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e
- CVE-2021-47054Feb 29, 2024affected < 4.12.14-122.201.1fixed 4.12.14-122.201.1
In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro for_
- CVE-2024-26615Feb 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
- CVE-2024-26614Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU:
- CVE-2023-52488Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), followed by all the FIFO d
- CVE-2023-52486Feb 29, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from
Page 40 of 75