opensuse/kernel-default-base&distro=openSUSE Leap Micro 5.4

Vulnerabilities (578)

• CVE-2021-47108Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf In commit 41ca9caaae0b ("drm/mediatek: hdmi: Add check for CEA modes only") a check for CEA modes was added to function mtk_hdmi_bridge_mode_vali

• CVE-2021-47105Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdp_buff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can

• CVE-2021-47104Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() The wrong goto label was used for the error case and missed cleanup of the pkt allocation. Addresses-Coverity-ID: 1493352 ("Resource leak")

• CVE-2021-47102Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix incorrect structure access In line: upper = info->upper_dev; We access upper_dev field, which is related only for particular events (e.g. event == NETDEV_CHANGEUPPER). So, this line

• CVE-2021-47101Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable driver

• CVE-2021-47100Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Hi, When testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko, the system crashed. The log as follows: [ 141.087026] BUG: unable

• CVE-2021-47099Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b ("veth: allow enabling NAPI even without XDP"), if GRO is enabled on a veth device and TSO is disabled on the peer device, TCP skbs will g

• CVE-2021-47098Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of temperature calculations") addressed a number of underflow situation

• CVE-2021-47097Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param[] in elantech_change_report_id() must be at least 3 bytes, because elantech_read_reg_params() is calling ps2_comman

• CVE-2021-47096Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation.

• CVE-2021-47095Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: initialize ssif_info->client early During probe ssif_info->client is dereferenced in error path. However, it is set when some of the error checking has already been done. This causes following kerne

• CVE-2021-47094Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmu_lock in the TDP MMU, restart the iterator during tdp_iter_next() and do not advance the iterator. Advancing the iterator re

• CVE-2021-47093Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel_pmc_core: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platform_device_put() to p

• CVE-2021-47091Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: mac80211: fix locking in ieee80211_start_ap error path We need to hold the local->mtx to release the channel context, as even encoded by the lockdep_assert_held() there. Fix it.

• CVE-2021-47087Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this p

• CVE-2021-47083Mar 4, 2024
  affected < 5.14.21-150400.24.111.2.150400.24.52.1fixed 5.14.21-150400.24.111.2.150400.24.52.1

  In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix global-out-of-bounds issue When eint virtual eint number is greater than gpio number, it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.

• CVE-2021-47082Mar 4, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tun_free_netdev Avoid double free in tun_free_netdev() by moving the dev->tstats and tun->security allocs to a new ndo_init routine (tun_net_init()) that will be called by register_net

• CVE-2024-26622Mar 4, 2024
  affected < 5.14.21-150400.24.111.2.150400.24.52.1fixed 5.14.21-150400.24.111.2.150400.24.52.1

  In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot

• CVE-2023-52582Mar 2, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: netfs: Only call folio_start_fscache() one time for each folio If a network filesystem using netfs implements a clamp_length() function, it can set subrequest lengths smaller than a page size. When we loop thr

• CVE-2023-52576Mar 2, 2024
  affected < 5.14.21-150400.24.116.1.150400.24.54.5fixed 5.14.21-150400.24.116.1.150400.24.54.5

  In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() The code calling ima_free_kexec_buffer() runs long after the memblock allocator has already been torn down, potentially resulting in a u