rpm package
suse/kernel-syms&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (1,878)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-53114 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a rando | ||
| CVE-2024-53112 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra | ||
| CVE-2024-53104 | — | KEV | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra | |
| CVE-2023-52922 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Nov 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153 | ||
| CVE-2024-53101 | Med | 5.5 | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Nov 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali | |
| CVE-2024-8805 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Nov 22, 2024 | BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific | ||
| CVE-2024-53057 | Hig | 7.8 | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create | |
| CVE-2024-53088 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under hea | ||
| CVE-2024-53085 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is | ||
| CVE-2024-53066 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ==== | ||
| CVE-2024-53063 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_ | ||
| CVE-2024-53061 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, re | ||
| CVE-2024-53058 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header and protocol payload to be transmitted on a certain platform that the DMA AXI ad | ||
| CVE-2024-50304 | — | < 4.12.14-122.250.1 | 4.12.14-122.250.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex | ||
| CVE-2024-50302 | Med | 5.5 | KEV | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k |
| CVE-2024-50301 | Hig | 7.1 | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq | |
| CVE-2024-50299 | Med | 5.5 | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address | |
| CVE-2024-50296 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pci_disable_sriov | ||
| CVE-2024-50290 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that. | ||
| CVE-2024-50289 | — | < 4.12.14-122.237.1 | 4.12.14-122.237.1 | Nov 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-r |
- CVE-2024-53114Dec 2, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a rando
- CVE-2024-53112Dec 2, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra
- affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra
- CVE-2023-52922Nov 28, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153
- affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali
- CVE-2024-8805Nov 22, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific
- affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create
- CVE-2024-53088Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under hea
- CVE-2024-53085Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is
- CVE-2024-53066Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ====
- CVE-2024-53063Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_
- CVE-2024-53061Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, re
- CVE-2024-53058Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header and protocol payload to be transmitted on a certain platform that the DMA AXI ad
- CVE-2024-50304Nov 19, 2024affected < 4.12.14-122.250.1fixed 4.12.14-122.250.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex
- affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k
- affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq
- affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address
- CVE-2024-50296Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pci_disable_sriov
- CVE-2024-50290Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that.
- CVE-2024-50289Nov 19, 2024affected < 4.12.14-122.237.1fixed 4.12.14-122.237.1
In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-r
Page 78 of 94