rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (1,486)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41081 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunne | ||
| CVE-2024-41079 | — | < 4.12.14-122.231.1 | 4.12.14-122.231.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar | ||
| CVE-2024-41078 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix quota root leak after quota disable failure If during the quota disable we fail when cleaning the quota tree or when deleting the root from the root tree, we jump to the 'out' label without e | ||
| CVE-2024-41073 | — | < 4.12.14-122.231.1 | 4.12.14-122.231.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQF_SPECIAL_LOAD when the re | ||
| CVE-2024-41072 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and r | ||
| CVE-2024-41070 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Al reported a possible use-after-free (UAF) in kvm_spapr_tce_attach_iommu_group(). It looks up `stt` from tablefd, but then continues to u | ||
| CVE-2024-41068 | — | < 4.12.14-122.228.1 | 4.12.14-122.228.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclp_init() cleanup on failure If sclp_init() fails it only partially cleans up: if there are multiple failing calls to sclp_init() sclp_state_change_event will be added several times to sclp_reg | ||
| CVE-2024-41066 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: tx_buff[free_map[consumer_index]]->skb = new_skb; free_map[consumer_index] = | ||
| CVE-2024-41064 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoid possible crash when edev->pdev changes If a PCI device is removed during eeh_pe_report_edev(), edev->pdev will change and can cause a crash, hold the PCI rescan/remove lock while taking a cop | ||
| CVE-2024-41063 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() syzbot is reporting that calling hci_release_dev() from hci_error_reset() due to hci_dev_put() from hci_error_reset() can cause deadlock at destro | ||
| CVE-2024-41062 | — | < 4.12.14-122.228.1 | 4.12.14-122.228.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection | ||
| CVE-2024-41060 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to check it before dereferencing it. | ||
| CVE-2024-41059 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x | ||
| CVE-2024-41048 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: skmsg: Skip zero length skb in sk_msg_recvmsg When running BPF selftests (./test_progs -t sockmap_basic) on a Loongarch platform, the following kernel panic occurs: [...] Oops[#1]: CPU: 22 PID: 2824 Comm | ||
| CVE-2024-41044 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ppp: reject claimed-as-LCP but actually malformed packets Since 'ppp_async_encode()' assumes valid LCP packets (with code from 1 to 7 inclusive), add 'ppp_check_packet()' to ensure that LCP packet has an actual | ||
| CVE-2024-41035 | — | < 4.12.14-122.228.1 | 4.12.14-122.228.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin | ||
| CVE-2024-41020 | — | < 4.12.14-122.228.1 | 4.12.14-122.228.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p | ||
| CVE-2024-41016 | Med | 5.5 | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me | |
| CVE-2024-41015 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region. | ||
| CVE-2024-41014 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | Jul 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data. We can create a crafted image to |
- CVE-2024-41081Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ila_output() As explained in commit 1378817486d6 ("tipc: block BH before using dst_cache"), net/core/dst_cache.c helpers need to be called with BH disabled. ila_output() is called from lwtunne
- CVE-2024-41079Jul 29, 2024affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1
In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results) for the command queue entry need to be set to 0 when they are not used (not specified). Though, the tar
- CVE-2024-41078Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix quota root leak after quota disable failure If during the quota disable we fail when cleaning the quota tree or when deleting the root from the root tree, we jump to the 'out' label without e
- CVE-2024-41073Jul 29, 2024affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1
In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free will result. Clear the RQF_SPECIAL_LOAD when the re
- CVE-2024-41072Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211_wext_siwscan()', add extra check whether number of channels passed via 'ioctl(sock, SIOCSIWSCAN, ...)' doesn't exceed IW_MAX_FREQUENCIES and r
- CVE-2024-41070Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() Al reported a possible use-after-free (UAF) in kvm_spapr_tce_attach_iommu_group(). It looks up `stt` from tablefd, but then continues to u
- CVE-2024-41068Jul 29, 2024affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclp_init() cleanup on failure If sclp_init() fails it only partially cleans up: if there are multiple failing calls to sclp_init() sclp_state_change_event will be added several times to sclp_reg
- CVE-2024-41066Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Add tx check to prevent skb leak Below is a summary of how the driver stores a reference to an skb during transmit: tx_buff[free_map[consumer_index]]->skb = new_skb; free_map[consumer_index] =
- CVE-2024-41064Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoid possible crash when edev->pdev changes If a PCI device is removed during eeh_pe_report_edev(), edev->pdev will change and can cause a crash, hold the PCI rescan/remove lock while taking a cop
- CVE-2024-41063Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() syzbot is reporting that calling hci_release_dev() from hci_error_reset() due to hci_dev_put() from hci_error_reset() can cause deadlock at destro
- CVE-2024-41062Jul 29, 2024affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hci_rx_work, where the former releases the sock and the latter accesses it without lock protection
- CVE-2024-41060Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to check it before dereferencing it.
- CVE-2024-41059Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copy_name [syzbot reported] BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160 sized_strscpy+0xc4/0x160 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411 hfsplus_listxattr+0x11e9/0x
- CVE-2024-41048Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: skmsg: Skip zero length skb in sk_msg_recvmsg When running BPF selftests (./test_progs -t sockmap_basic) on a Loongarch platform, the following kernel panic occurs: [...] Oops[#1]: CPU: 22 PID: 2824 Comm
- CVE-2024-41044Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: ppp: reject claimed-as-LCP but actually malformed packets Since 'ppp_async_encode()' assumes valid LCP packets (with code from 1 to 7 inclusive), add 'ppp_check_packet()' to ensure that LCP packet has an actual
- CVE-2024-41035Jul 29, 2024affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor Syzbot has identified a bug in usbcore (see the Closes: tag below) caused by our assumption that the reserved bits in an endpoin
- CVE-2024-41020Jul 29, 2024affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when fcntl/close race is detected"), I missed that there are two copies of the code I was p
- affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before me
- CVE-2024-41015Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region.
- CVE-2024-41014Jul 29, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data. We can create a crafted image to
Page 8 of 75