VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (1,794)

  • CVE-2023-53484Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries When calling irq_set_affinity_notifier() with NULL at the notify argument, it will cause freeing of the glue pointer in the corresponding array ent

  • CVE-2023-53477Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation In function rt6_nlmsg_size(), the length of nexthop is calculated by multipling the nexthop length of fib6_info and the number of siblings. H

  • CVE-2023-53476Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() This condition needs to match the previous "if (epcp->state == LISTEN) {" exactly to avoid a NULL dereference of either "listen_ep" or "ep

  • CVE-2023-53464Oct 1, 2025
    affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad ("scsi: iscsi: iscsi_tcp: Fix null-ptr-

  • CVE-2023-53456Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry() - qla4xxx_iface_set_param() - qla4xxx_sysfs_ddb_set_param() and each of

  • CVE-2023-53454Oct 1, 2025
    affected < 4.12.14-122.290.1fixed 4.12.14-122.290.1

    In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would le

  • CVE-2023-53451Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer.

  • CVE-2022-50443Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by

  • CVE-2022-50440Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimens

  • CVE-2022-50435Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets truncated

  • CVE-2022-50434Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 (size 512): comm "insmod", pid 308021, jiffies 4324277909

  • CVE-2022-50432Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in __kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns() for the same file resulting in a KASAN detected use-after-free. The race occurs when the

  • CVE-2022-50423Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() There is an use-after-free reported by KASAN: BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82 Read of size 1 at addr ffff8

  • CVE-2022-50422Oct 1, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() When executing SMP task failed, the smp_execute_task_sg() calls del_timer() to delete "slow_task->timer". However, if the timer handler sas_task_int

  • CVE-2025-39923Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees When we don't have a clock specified in the device tree, we have no way to ensure the BAM is on. This is often the case for remotely-controll

  • CVE-2025-39913Oct 1, 2025
    affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1

    In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does the following: 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(

  • CVE-2025-39911Oct 1, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path If request_irq() in i40e_vsi_request_irq_msix() fails in an iteration later than the first, the error path wants to free the IRQs requested so far.

  • CVE-2025-39885Sep 23, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FS_IOC_FIEMAP of the extent list on a specially crafted mmap file. context_switch kernel/sc

  • CVE-2025-39876Sep 23, 2025
    affected < 4.12.14-122.280.1fixed 4.12.14-122.280.1

    In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() The function of_phy_find_device may return NULL, so we need to take care before dereferencing phy_dev.

  • CVE-2025-39869Sep 23, 2025
    affected < 4.12.14-122.275.1fixed 4.12.14-122.275.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map Fix a critical memory allocation bug in edma_setup_from_hw() where queue_priority_map was allocated with insufficient memory. The code decl

Page 22 of 90