VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (1,878)

  • CVE-2022-50459Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. isc

  • CVE-2022-50456Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in th

  • CVE-2022-50453Oct 1, 2025
    affected < 4.12.14-122.296.1fixed 4.12.14-122.296.1

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO char

  • CVE-2021-4460Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand

  • CVE-2023-53484Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries When calling irq_set_affinity_notifier() with NULL at the notify argument, it will cause freeing of the glue pointer in the corresponding array ent

  • CVE-2023-53477Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation In function rt6_nlmsg_size(), the length of nexthop is calculated by multipling the nexthop length of fib6_info and the number of siblings. H

  • CVE-2023-53476Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep

  • CVE-2023-53464Oct 1, 2025
    affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-

  • CVE-2023-53456Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry() - qla4xxx_iface_set_param() - qla4xxx_sysfs_ddb_set_param() and each of

  • CVE-2023-53454Oct 1, 2025
    affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1

    In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le

  • CVE-2023-53451Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer.

  • CVE-2022-50443Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by

  • CVE-2022-50440Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimens

  • CVE-2022-50435Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets truncated

  • CVE-2022-50434Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 (size 512): comm "insmod", pid 308021, jiffies 4324277909

  • CVE-2022-50432Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in __kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns() for the same file resulting in a KASAN detected use-after-free. The race occurs when the

  • CVE-2022-50423Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82 Read of size 1 at addr ffff8

  • CVE-2022-50422Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() When executing SMP task failed, the smp_execute_task_sg() calls del_timer() to delete "slow_task->timer". However, if the timer handler sas_task_int

  • CVE-2025-39913HigOct 1, 2025
    affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1

    In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(

  • CVE-2025-39923Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees When we don't have a clock specified in the device tree, we have no way to ensure the BAM is on. This is often the case for remotely-controll

Page 26 of 94