VYPR

rpm package

opensuse/kernel-default&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5

Vulnerabilities (1,895)

  • CVE-2023-52590Mar 6, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change ocfs2 rename code to avoid touching renamed directory if its p

  • CVE-2023-52589Mar 6, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in t

  • CVE-2023-52587Mar 6, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the `priv->lock` while iterating the `priv->multicast_list` in `ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to remove the items while in the

  • CVE-2023-52586Mar 6, 2024
    affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add mutex lock in control vblank irq Add a mutex lock to control vblank irq to synchronize vblank enable/disable operations happening from different threads to prevent race conditions while registe

  • CVE-2023-52585Mar 6, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 amdgpu

  • CVE-2023-52583Mar 6, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used

  • CVE-2022-48630Mar 5, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'ma

  • CVE-2022-48629Mar 5, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in struct rng_alg expects that the destination buffer is completely filled if the function returns 0. qcom_rng_read() can

  • CVE-2021-47107HigMar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small (say, zero), then the buffer size calculation in the new init_dirlist helper functions results in an underflow, all

  • CVE-2021-47108Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf In commit 41ca9caaae0b ("drm/mediatek: hdmi: Add check for CEA modes only") a check for CEA modes was added to function mtk_hdmi_bridge_mode_vali

  • CVE-2021-47106Mar 4, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy() We need to use list_for_each_entry_safe() iterator because we can not access @catchall after kfree_rcu() call. syzbot reported: BUG: KASA

  • CVE-2021-47105Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdp_buff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can

  • CVE-2021-47104Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() The wrong goto label was used for the error case and missed cleanup of the pkt allocation. Addresses-Coverity-ID: 1493352 ("Resource leak")

  • CVE-2021-47103Mar 4, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk->sk_rx_dst to RCU rules syzbot reported various issues around early demux, one being included in this changelog [1] sk->sk_rx_dst is using RCU protection without clearly documenting it.

  • CVE-2021-47102Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix incorrect structure access In line: upper = info->upper_dev; We access upper_dev field, which is related only for particular events (e.g. event == NETDEV_CHANGEUPPER). So, this line

  • CVE-2021-47101Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable driver

  • CVE-2021-47100Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Hi, When testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko, the system crashed. The log as follows: [ 141.087026] BUG: unable

  • CVE-2021-47099Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b ("veth: allow enabling NAPI even without XDP"), if GRO is enabled on a veth device and TSO is disabled on the peer device, TCP skbs will g

  • CVE-2021-47098Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of temperature calculations") addressed a number of underflow situation

  • CVE-2021-47097Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param[] in elantech_change_report_id() must be at least 3 bytes, because elantech_read_reg_params() is calling ps2_comman

Page 78 of 95