rpm package
suse/kernel-syms-azure&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (1,481)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-43866 | Med | 4.7 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W | |
| CVE-2024-43863 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait-> | |
| CVE-2024-43861 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | |
| CVE-2024-43856 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to | |
| CVE-2024-43854 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. For PI metadata this | |
| CVE-2024-43853 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro | |
| CVE-2024-43839 | Hig | 7.8 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 ch | |
| CVE-2024-43831 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use. | |
| CVE-2024-43819 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontr | |
| CVE-2024-42322 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression | |
| CVE-2024-42312 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip setting them. Commit 5ec27ec735ba ("fs/proc/proc_sysctl.c: fix the default values of | |
| CVE-2024-42310 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on | |
| CVE-2024-42309 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref | |
| CVE-2024-42306 | Med | 5.5 | < 4.12.14-16.200.1 | 4.12.14-16.200.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. However the next allocation fr | |
| CVE-2024-42305 | Med | 5.5 | < 4.12.14-16.200.1 | 4.12.14-16.200.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD | |
| CVE-2024-42301 | Hig | 7.8 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i | |
| CVE-2024-42289 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array. For all these stale | |
| CVE-2024-42288 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB | |
| CVE-2024-42287 | Med | 4.7 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c #PF: supervisor read access in kerne | |
| CVE-2024-42286 | Med | 5.5 | < 4.12.14-16.197.1 | 4.12.14-16.197.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvme_local_port correctly The driver load failed with error message, qla2xxx [0000:04:00.0]-ffff:0: register_localport failed: ret=ffffffef and with a kernel crash, BUG: unable to ha |
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait->
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. For PI metadata this
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. This can be reproduced by the following methods: 1.add an mdelay(1000) before acquiring the cgro
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 ch
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsi is valid for future use.
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontr
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize i_uid/i_gid Always initialize i_uid/i_gid inside the sysfs core so set_ownership() can safely skip setting them. Commit 5ec27ec735ba ("fs/proc/proc_sysctl.c: fix the default values of
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref
- affected < 4.12.14-16.200.1fixed 4.12.14-16.200.1
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. However the next allocation fr
- affected < 4.12.14-16.200.1fixed 4.12.14-16.200.1
In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array. For all these stale
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c #PF: supervisor read access in kerne
- affected < 4.12.14-16.197.1fixed 4.12.14-16.197.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvme_local_port correctly The driver load failed with error message, qla2xxx [0000:04:00.0]-ffff:0: register_localport failed: ret=ffffffef and with a kernel crash, BUG: unable to ha
Page 5 of 75