VYPR

rpm package

opensuse/kernel-default&distro=openSUSE Leap Micro 5.4

pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%20Micro%205.4

Vulnerabilities (578)

  • CVE-2021-47463May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem() Check for a NULL page->mapping before dereferencing the mapping in page_is_secretmem(), as the page's mapping can be nullified while gup()

  • CVE-2021-47462May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind() syzbot reported access to unitialized memory in mbind() [1] Issue came with commit bda420b98505 ("numa balancing: migrate on fau

  • CVE-2021-47461May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a race between writeprotect and exit_mmap() A race is possible when a process exits, its VMAs are removed by exit_mmap() and at the same time userfaultfd_writeprotect() is called. The race was

  • CVE-2021-47460May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode f

  • CVE-2021-47459May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv It will trigger UAF for rx_kref of j1939_priv as following. cpu0 cpu1 j1939_sk_bind(socket0, ndev0

  • CVE-2021-47458May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Probl

  • CVE-2021-47457May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible() Using wait_event_interruptible() to wait for complete transmission, but do not check the result of wait_event_interruptible() which c

  • CVE-2021-47456May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will cause UAF. Fix this by releasing 'dev' later. The following log reveals it: [

  • CVE-2021-47455May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptp_clock_register() I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 (size 8): comm "i2c-idt82p33931", pid 4421, jiffies

  • CVE-2021-47454May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks h

  • CVE-2021-47453May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: ice: Avoid crash from unnecessary IDA free In the remove path, there is an attempt to free the aux_idx IDA whether it was allocated or not. This can potentially cause a crash when unloading the driver on syste

  • CVE-2021-47452May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter

  • CVE-2021-47451May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value Currently, when the rule related to IDLETIMER is added, idletimer_tg timer structure is initialized by kmalloc on executing idlet

  • CVE-2021-47450May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is current

  • CVE-2021-47449May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over

  • CVE-2021-47448May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides the MSG_WAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more da

  • CVE-2021-47447May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a3xx: fix error handling in a3xx_gpu_init() These error paths returned 1 on failure, instead of a negative error code. This would lead to an Oops in the caller. A second problem is that the check for

  • CVE-2021-47446May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a4xx: fix error handling in a4xx_gpu_init() This code returns 1 on error instead of a negative error. It leads to an Oops in the caller. A second problem is that the check for "if (ret != -ENODATA)" c

  • CVE-2021-47445May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only

  • CVE-2021-47444May 22, 2024
    affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2

    In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read In commit e11f5bd8228f ("drm: Add support for DP 1.4 Compliance edid corruption test") the function connector_bad_edid() started assuming that

Page 5 of 29