rpm package
opensuse/kernel-rt&distro=openSUSE Leap Micro 5.3
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.3
Vulnerabilities (676)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-51779 | Hig | 7.0 | < 5.14.21-150400.15.65.1 | 5.14.21-150400.15.65.1 | Feb 29, 2024 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | |
| CVE-2021-47047 | — | < 5.14.21-150400.15.79.1 | 5.14.21-150400.15.79.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping. In addition | ||
| CVE-2021-46936 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in tw_timer_handler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7 | ||
| CVE-2021-46934 | — | < 5.14.21-150400.15.71.1 | 5.14.21-150400.15.71.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i | ||
| CVE-2021-46933 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmou | ||
| CVE-2021-46932 | — | < 5.14.21-150400.15.71.1 | 5.14.21-150400.15.71.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may hap | ||
| CVE-2021-46931 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5e_tx_reporter_dump_sq() casts its void * argument to struct mlx5e_txqsq *, but in TX-timeout-recovery flow the argument is actually o | ||
| CVE-2021-46930 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34 | ||
| CVE-2021-46929 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9 | ||
| CVE-2021-46927 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert After commit 5b78ed24e8ec ("mm/pagemap: add mmap_assert_locked() annotations to find_vma*()"), the call to get_user_pages() will trigger | ||
| CVE-2021-46926 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where th | ||
| CVE-2021-46925 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A crash occurs when smc_cdc_tx_handler() tries to access smc_sock but smc_release() has already freed it. [ 4570.695099] BUG: unable to handle page fault fo | ||
| CVE-2021-46924 | — | < 5.14.21-150400.15.71.1 | 5.14.21-150400.15.71.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre | ||
| CVE-2021-46923 | — | < 5.14.21-150400.15.71.1 | 5.14.21-150400.15.71.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took | ||
| CVE-2023-52474 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe | ||
| CVE-2019-25162 | — | < 5.14.21-150400.15.71.1 | 5.14.21-150400.15.71.1 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde | ||
| CVE-2022-48626 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and | ||
| CVE-2023-52470 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref. | ||
| CVE-2023-52469 | — | < 5.14.21-150400.15.76.1 | 5.14.21-150400.15.76.1 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t | ||
| CVE-2023-52467 | — | < 5.14.21-150400.15.71.1 | 5.14.21-150400.15.71.1 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. |
- affected < 5.14.21-150400.15.65.1fixed 5.14.21-150400.15.65.1
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
- CVE-2021-47047Feb 28, 2024affected < 5.14.21-150400.15.79.1fixed 5.14.21-150400.15.79.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping. In addition
- CVE-2021-46936Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in tw_timer_handler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7
- CVE-2021-46934Feb 27, 2024affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i
- CVE-2021-46933Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmou
- CVE-2021-46932Feb 27, 2024affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1
In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may hap
- CVE-2021-46931Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5e_tx_reporter_dump_sq() casts its void * argument to struct mlx5e_txqsq *, but in TX-timeout-recovery flow the argument is actually o
- CVE-2021-46930Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34
- CVE-2021-46929Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9
- CVE-2021-46927Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert After commit 5b78ed24e8ec ("mm/pagemap: add mmap_assert_locked() annotations to find_vma*()"), the call to get_user_pages() will trigger
- CVE-2021-46926Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where th
- CVE-2021-46925Feb 27, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A crash occurs when smc_cdc_tx_handler() tries to access smc_sock but smc_release() has already freed it. [ 4570.695099] BUG: unable to handle page fault fo
- CVE-2021-46924Feb 27, 2024affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1
In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre
- CVE-2021-46923Feb 27, 2024affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1
In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took
- CVE-2023-52474Feb 26, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe
- CVE-2019-25162Feb 26, 2024affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1
In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde
- CVE-2022-48626Feb 25, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and
- CVE-2023-52470Feb 25, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.
- CVE-2023-52469Feb 25, 2024affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t
- CVE-2023-52467Feb 25, 2024affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
Page 23 of 34