rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1,878)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-38222 | Med | 5.5 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running the following code on an ext4 filesystem with inline_data feature enabled, it will lead to the bug below. fd = open("file1", O_RD | |
| CVE-2025-38214 | Med | 5.5 | < 4.12.14-122.272.1 | 4.12.14-122.272.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in fb_set_var() fails to allocate memory for fb_videomode, later it may lead to a null-ptr dereference in fb_videomod | |
| CVE-2025-38212 | Hig | 7.8 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i | |
| CVE-2025-38198 | Hig | 7.8 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "store_modes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in drivers/ | |
| CVE-2025-38192 | Med | 5.5 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address | |
| CVE-2025-38211 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref | ||
| CVE-2025-38200 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde | ||
| CVE-2025-38193 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported that SFQ perturb_period has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to mak | ||
| CVE-2025-38190 | — | < 4.12.14-122.272.1 | 4.12.14-122.272.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: atm: Revert atm_account_tx() if copy_from_iter_full() fails. In vcc_sendmsg(), we account skb->truesize to sk->sk_wmem_alloc by atm_account_tx(). It is expected to be reverted by atm_pop_raw() later called by | ||
| CVE-2025-38185 | — | < 4.12.14-122.272.1 | 4.12.14-122.272.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcp_c_send(). syzbot reported the splat below. [0] vcc_sendmsg() copies data passed from userspace to skb and passes it to vcc->dev->ops->send(). atmtcp_c_send() acc | ||
| CVE-2025-38184 | — | < 4.12.14-122.272.1 | 4.12.14-122.272.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun tipc: Started i | ||
| CVE-2025-38181 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_ | ||
| CVE-2025-38180 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF. | ||
| CVE-2025-38177 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca | ||
| CVE-2025-38174 | — | < 4.12.14-122.272.1 | 4.12.14-122.272.1 | Jul 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tb_cfg_request_dequeue(): general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: | ||
| CVE-2025-38105 | Med | 5.5 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat | |
| CVE-2025-38173 | — | < 4.12.14-122.272.1 | 4.12.14-122.272.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0. | ||
| CVE-2025-38166 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.94529 | ||
| CVE-2025-38161 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Upon RQ destruction if the firmware command fails which is the last resource to be destroyed some SW resources were already cleaned regardless | ||
| CVE-2025-38157 | — | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | Jul 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-z |
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running the following code on an ext4 filesystem with inline_data feature enabled, it will lead to the bug below. fd = open("file1", O_RD
- affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in fb_set_var() fails to allocate memory for fb_videomode, later it may lead to a null-ptr dereference in fb_videomod
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() i
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "store_modes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in drivers/
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address
- CVE-2025-38211Jul 4, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref
- CVE-2025-38200Jul 4, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde
- CVE-2025-38193Jul 4, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported that SFQ perturb_period has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to mak
- CVE-2025-38190Jul 4, 2025affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: atm: Revert atm_account_tx() if copy_from_iter_full() fails. In vcc_sendmsg(), we account skb->truesize to sk->sk_wmem_alloc by atm_account_tx(). It is expected to be reverted by atm_pop_raw() later called by
- CVE-2025-38185Jul 4, 2025affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcp_c_send(). syzbot reported the splat below. [0] vcc_sendmsg() copies data passed from userspace to skb and passes it to vcc->dev->ops->send(). atmtcp_c_send() acc
- CVE-2025-38184Jul 4, 2025affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun tipc: Started i
- CVE-2025-38181Jul 4, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). syzkaller reported a null-ptr-deref in sock_omalloc() while allocating a CALIPSO option. [0] The NULL is of struct sock, which was fetched by sk_to_
- CVE-2025-38180Jul 4, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.
- CVE-2025-38177Jul 4, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() ca
- CVE-2025-38174Jul 4, 2025affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tb_cfg_request_dequeue(): general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID:
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active stat
- CVE-2025-38173Jul 3, 2025affected < 4.12.14-122.272.1fixed 4.12.14-122.272.1
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero-length skcipher requests Do not access random memory for zero-length skcipher requests. Just return 0.
- CVE-2025-38166Jul 3, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.94529
- CVE-2025-38161Jul 3, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Upon RQ destruction if the firmware command fails which is the last resource to be destroyed some SW resources were already cleaned regardless
- CVE-2025-38157Jul 3, 2025affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9k_htc-managed device before beaconing has been enabled. This causes a device-by-z
Page 40 of 94