opensuse/kernel-default&distro=openSUSE Leap Micro 5.5

Vulnerabilities (928)

• CVE-2021-47588Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() r

• CVE-2021-47587Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a g

• CVE-2021-47586Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (ops->regs[i]) { This happens for most platforms since the regs flexible array mem

• CVE-2021-47585Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak in __add_inode_ref() Line 1169 (#3) allocates a memory chunk for victim_name by kmalloc(), but when the function returns in line 1184 (#4) victim_name allocated by line 1169 (#3) is not

• CVE-2021-47584Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: iocost: Fix divide-by-zero on donation from low hweight cgroup The donation calculation logic assumes that the donor has non-zero after-donation hweight, so the lowest active hweight a donating cgroup can have

• CVE-2021-47583Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutex_init() location Syzbot reported, that mxl111sf_ctrl_msg() uses uninitialized mutex. The problem was in wrong mutex_init() location. Previous mutex_init(&state->msg_lock) call was

• CVE-2021-47582Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait_urb(), which contains an uninterruptible wait with a user-specified timeout valu

• CVE-2021-47580Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va

• CVE-2021-47578Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Don't call kcalloc() if size arg is zero If the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because of that, for a following NULL pointer check to work on the returned pointer, k

• CVE-2021-47577Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker task_work We check IO_WQ_BIT_EXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race bet

• CVE-2021-47576Jun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40

• CVE-2024-38599HigJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the x

• CVE-2024-38598MedJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU

• CVE-2024-38596MedJun 19, 2024
  affected < 5.14.21-150500.55.83.1fixed 5.14.21-150500.55.83.1

  In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo

• CVE-2024-38587MedJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs ARRAY_SIZE() bug The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can the still got o

• CVE-2024-38579MedJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key

• CVE-2024-38578HigJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for t

• CVE-2024-38567MedJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a sp

• CVE-2024-38565MedJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper e

• CVE-2024-38560HigJun 19, 2024
  affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that