rpm package
suse/kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 12 SP5
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5
Vulnerabilities (1,429)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52764 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit t | ||
| CVE-2023-52762 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size The following codes have an implicit conversion from size_t to u32: (u32)max_size = (size_t)virtio_max_dma_size(vdev); This may lead overflow, Ex (size_ | ||
| CVE-2023-52757 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() callers seem to hold a reference of @mid so there is no need to call kref_put(&mid->refcount, __release_mid) under @server->mid_lock spi | ||
| CVE-2023-52754 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB interfaces, and at the probe of the second interface, the driver assumes blindly that the first interface got boun | ||
| CVE-2023-52753 | — | < 4.12.14-10.194.1 | 4.12.14-10.194.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator [Why & How] Check whether assigned timing generator is NULL or not before accessing its funcs to prevent NULL dereference. | ||
| CVE-2023-52752 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ | ||
| CVE-2022-48710 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode | ||
| CVE-2023-52747 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error occurs. | ||
| CVE-2023-52743 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Do not use WQ_MEM_RECLAIM flag for workqueue When both ice and the irdma driver are loaded, a warning in check_flush_dependency is being triggered. This is due to ice driver workqueue being allocated with | ||
| CVE-2023-52742 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as a read instead of a write. In modern kernels thi | ||
| CVE-2023-52741 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata->read_into_pages() When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7 | ||
| CVE-2023-52737 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if | ||
| CVE-2023-52732 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ceph: blocklist the kclient when receiving corrupted snap trace When received corrupted snap trace we don't know what exactly has happened in MDS side. And we shouldn't continue IOs and metadatas access to MDS, | ||
| CVE-2023-52730 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can not release the resources, because the sdio function is not presented in these two | ||
| CVE-2023-52708 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: mmc_spi: fix error handling in mmc_spi_probe() If mmc_add_host() fails, it doesn't need to call mmc_remove_host(), or it will cause null-ptr-deref, because of deleting a not added device in mmc_remove_host | ||
| CVE-2023-52703 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error path. Jiri Pirko noted t | ||
| CVE-2022-48708 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was dereferenced without checking | ||
| CVE-2021-47431 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload. | ||
| CVE-2021-47425 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re | ||
| CVE-2021-47424 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker |
- CVE-2023-52764May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit t
- CVE-2023-52762May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size The following codes have an implicit conversion from size_t to u32: (u32)max_size = (size_t)virtio_max_dma_size(vdev); This may lead overflow, Ex (size_
- CVE-2023-52757May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() callers seem to hold a reference of @mid so there is no need to call kref_put(&mid->refcount, __release_mid) under @server->mid_lock spi
- CVE-2023-52754May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB interfaces, and at the probe of the second interface, the driver assumes blindly that the first interface got boun
- CVE-2023-52753May 21, 2024affected < 4.12.14-10.194.1fixed 4.12.14-10.194.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator [Why & How] Check whether assigned timing generator is NULL or not before accessing its funcs to prevent NULL dereference.
- CVE-2023-52752May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @
- CVE-2022-48710May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode
- CVE-2023-52747May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error occurs.
- CVE-2023-52743May 21, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: ice: Do not use WQ_MEM_RECLAIM flag for workqueue When both ice and the irdma driver are loaded, a warning in check_flush_dependency is being triggered. This is due to ice driver workqueue being allocated with
- CVE-2023-52742May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as a read instead of a write. In modern kernels thi
- CVE-2023-52741May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata->read_into_pages() When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7
- CVE-2023-52737May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if
- CVE-2023-52732May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: ceph: blocklist the kclient when receiving corrupted snap trace When received corrupted snap trace we don't know what exactly has happened in MDS side. And we shouldn't continue IOs and metadatas access to MDS,
- CVE-2023-52730May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can not release the resources, because the sdio function is not presented in these two
- CVE-2023-52708May 21, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: mmc: mmc_spi: fix error handling in mmc_spi_probe() If mmc_add_host() fails, it doesn't need to call mmc_remove_host(), or it will cause null-ptr-deref, because of deleting a not added device in mmc_remove_host
- CVE-2023-52703May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error path. Jiri Pirko noted t
- CVE-2022-48708May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was dereferenced without checking
- CVE-2021-47431May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload.
- CVE-2021-47425May 21, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re
- CVE-2021-47424May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker
Page 21 of 72