rpm package

suse/kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 12 SP5

pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Vulnerabilities (1,429)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-27436	Med	5.5	< 4.12.14-10.188.1	4.12.14-10.188.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.
CVE-2024-35791		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock to fix use-after-free issues where regi
CVE-2024-27419	Med	4.7	< 4.12.14-10.188.1	4.12.14-10.188.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.
CVE-2024-27410		—	< 4.12.14-10.191.1	4.12.14-10.191.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an
CVE-2024-27396	Hig	7.8	< 4.12.14-10.188.1	4.12.14-10.188.1	May 14, 2024	In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU gr
CVE-2024-27401		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 13, 2024	In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length,
CVE-2024-27399		—	< 4.12.14-10.191.1	4.12.14-10.191.1	May 13, 2024	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be
CVE-2024-27398		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 13, 2024	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection
CVE-2023-52655		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 13, 2024	In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T
CVE-2021-34981		—	< 4.12.14-10.70.2	4.12.14-10.70.2	May 7, 2024	Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target s
CVE-2022-48704		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b
CVE-2022-48695		—	< 4.12.14-10.182.1	4.12.14-10.182.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c
CVE-2022-48702		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a
CVE-2022-48701		—	< 4.12.14-10.182.1	4.12.14-10.182.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun
CVE-2022-48697		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607
CVE-2022-48688		—	< 4.12.14-10.182.1	4.12.14-10.182.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b
CVE-2022-48687		—	< 4.12.14-10.182.1	4.12.14-10.182.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through
CVE-2022-48686		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sy
CVE-2022-48672		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 3, 2024	In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which m
CVE-2024-27078	Med	5.5	< 4.12.14-10.182.1	4.12.14-10.182.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleak

CVE-2024-27436MedMay 17, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.
CVE-2024-35791May 17, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock to fix use-after-free issues where regi
CVE-2024-27419MedMay 17, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.
CVE-2024-27410May 17, 2024
affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an
CVE-2024-27396HigMay 14, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU gr
CVE-2024-27401May 13, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head packet exceeds the user_length,
CVE-2024-27399May 13, 2024
affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be
CVE-2024-27398May 13, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection
CVE-2023-52655May 13, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T
CVE-2021-34981May 7, 2024
affected < 4.12.14-10.70.2fixed 4.12.14-10.70.2
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target s
CVE-2022-48704May 3, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b
CVE-2022-48695May 3, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c
CVE-2022-48702May 3, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a
CVE-2022-48701May 3, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun
CVE-2022-48697May 3, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350 Read of size 4 at addr 0000607
CVE-2022-48688May 3, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately b
CVE-2022-48687May 3, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through
CVE-2022-48686May 3, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the io_work loop when we set rd_enabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sy
CVE-2022-48672May 3, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which m
CVE-2024-27078MedMay 1, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleak

Page 30 of 72