rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,878)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-53174 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to | ||
| CVE-2023-53165 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. | ||
| CVE-2023-53153 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on (re)connect and can hold data from a previous connection. Reset key data to avoid that drivers or mac80211 incorrectl | ||
| CVE-2023-53151 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause s | ||
| CVE-2023-53150 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref | ||
| CVE-2023-53149 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoid races with switching of journalled data flag or inode format. This lock can how | ||
| CVE-2023-53148 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between t | ||
| CVE-2023-53147 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(... | ||
| CVE-2022-50258 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument o | ||
| CVE-2022-50257 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the map_ops array would be invalid, whereas all of the entries in the kmap_ops arra | ||
| CVE-2022-50253 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbu | ||
| CVE-2022-50252 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v | ||
| CVE-2022-50249 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount. | ||
| CVE-2022-50244 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() If device_register() fails in cxl_pci_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it | ||
| CVE-2022-50242 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() If vp alloc failed in qlcnic_sriov_init(), all previously allocated vp needs to be freed. | ||
| CVE-2022-50236 | — | < 4.12.14-122.280.1 | 4.12.14-122.280.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec() If the system is rebooted via isr(), the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: [ 0 | ||
| CVE-2022-50235 | — | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack. | ||
| CVE-2025-39800 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() If we find an unexpected generation for the extent buffer we are cloning at btrfs_copy_root(), we just WARN_ON() and don't error out and | |
| CVE-2025-40300 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already | |
| CVE-2025-39787 | Med | 5.5 | < 4.12.14-122.275.1 | 4.12.14-122.275.1 | Sep 11, 2025 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate |
- CVE-2023-53174Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() needs be freed. As the comment of device_add() says, put_device() should be used to
- CVE-2023-53165Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer.
- CVE-2023-53153Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on (re)connect and can hold data from a previous connection. Reset key data to avoid that drivers or mac80211 incorrectl
- CVE-2023-53151Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause s
- CVE-2023-53150Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced. Add a fix to validate rport before deref
- CVE-2023-53149Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protecting ext4_writepages() calls to avoid races with switching of journalled data flag or inode format. This lock can how
- CVE-2023-53148Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between t
- CVE-2023-53147Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the xfrm_update_ae_params(...
- CVE-2022-50258Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument o
- CVE-2022-50257Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the map_ops array would be invalid, whereas all of the entries in the kmap_ops arra
- CVE-2022-50253Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbu
- CVE-2022-50252Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential use-after-free condition under memory pressure. If the kzalloc() fails, q_vector will be freed but left in the original adapter->q_vector[v
- CVE-2022-50249Sep 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.
- CVE-2022-50244Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() If device_register() fails in cxl_pci_afu|adapter(), the device is not added, device_unregister() can not be called in the error path, otherwise it
- CVE-2022-50242Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() If vp alloc failed in qlcnic_sriov_init(), all previously allocated vp needs to be freed.
- CVE-2022-50236Sep 15, 2025affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec() If the system is rebooted via isr(), the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: [ 0
- CVE-2022-50235Sep 15, 2025affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack.
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() If we find an unexpected generation for the extent buffer we are cloning at btrfs_copy_root(), we just WARN_ON() and don't error out and
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already
- affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate
Page 34 of 94