VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Vulnerabilities (1,486)

  • CVE-2022-48708May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was dereferenced without checking

  • CVE-2021-47431May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload.

  • CVE-2021-47425May 21, 2024
    affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re

  • CVE-2021-47424May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker

  • CVE-2021-47423May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.

  • CVE-2021-47418May 21, 2024
    affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: fix NULL deref in fifo_set_limit() syzbot reported another NULL deref in fifo_set_limit() [1] I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000

  • CVE-2021-47416May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUS_ALLOCATED indicates 2 states: 1. Bus is only allocated 2. Bus allocated and __mdiob

  • CVE-2021-47409May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

  • CVE-2021-47407May 21, 2024
    affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of init_srcu_struct(), which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NU

  • CVE-2021-47405May 21, 2024
    affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1

    In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d

  • CVE-2021-47404May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malici

  • CVE-2021-47403May 21, 2024
    affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1

    In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module reference leak A reference to the carrier module was taken on every open but was only released once when the final reference to the tty struct was dropped. Fix this by taking the mod

  • CVE-2021-47401May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space (or trigge

  • CVE-2021-47400May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3_nic_net_open repeatedly hns3_nic_net_open() is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a

  • CVE-2021-47399May 21, 2024
    affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1

    In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some machine (online cpus < 63). This is due to the fact that the maximum value of num

  • CVE-2021-47397May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb We should always check if skb_header_pointer's return is NULL before using it, otherwise it may cause null-ptr-deref, as syzbot reported: K

  • CVE-2021-47395May 21, 2024
    affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1

    In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING

  • CVE-2021-47391May 21, 2024
    affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests The FSM can run in a circle allowing rdma_resolve_ip() to be called twice on the same id_priv. While this cannot happen without going thr

  • CVE-2021-47388May 21, 2024
    affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1

    In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentation we need to copy the PN to the RX struct so we can later use it to do a comparison, since commit bf30ca922a0c

  • CVE-2021-47387May 21, 2024
    affected < 4.12.14-122.231.1fixed 4.12.14-122.231.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so we can't free it directly. Otherwise we would get a call trace like this: ODEB

Page 21 of 75