rpm package
opensuse/kernel-rt&distro=openSUSE Leap Micro 5.4
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.4
Vulnerabilities (571)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47537 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix a memleak bug in rvu_mbox_init() In rvu_mbox_init(), mbox_regions is not freed or passed out under the switch-default region, which could lead to a memory leak. Fix this bug by changing 'retu | ||
| CVE-2021-47536 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the link group from the link group list, but it deleted the list head by mistake. This may cause memory corruption s | ||
| CVE-2021-47535 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to read 3 sets of registers. Unfortunately, we | ||
| CVE-2021-47534 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drm_crtc_commit_put Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a global state for the HVS, with each FIFO storing the current CRTC com | ||
| CVE-2021-47533 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO. Ho | ||
| CVE-2021-47529 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Fix memory leaks in error handling path Should an error occur (invalid TLV len or memory allocation failure), the memory already allocated in 'reduce_power_data' should be freed before returning, other | ||
| CVE-2021-47528 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init() In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring and there is a dereference of it in cdnsp_endpoint_init(), which could l | ||
| CVE-2021-47526 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fix NULL pointer dereference in ->remove() drvdata has to be set in _probe() - otherwise platform_get_drvdata() causes null pointer dereference BUG in _remove(). | ||
| CVE-2021-47525 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix use-after-free and memleak on unbind Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core | ||
| CVE-2021-47524 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix minor-number leak on probe errors Make sure to release the allocated minor number before returning on probe errors. | ||
| CVE-2021-47523 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr This buffer is currently allocated in hfi1_init(): if (reinit) ret = init_after_reset(dd); else ret = loadtime_init(dd); if (ret) goto done; /* allocate | ||
| CVE-2021-47522 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through uhid, there is a chance we don't have output reports and so report_field is null. | ||
| CVE-2021-47521 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead. Also we should check if at least one chann | ||
| CVE-2021-47520 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n | ||
| CVE-2021-47518 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in d | ||
| CVE-2021-47516 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfp_cpp_area_cache_add() In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a CPP area structure. But in line 807 (#2), when the cache is allocated failed, this CPP area st | ||
| CVE-2021-47514 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcou | ||
| CVE-2021-47513 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering Avoid a memory leak if there is not a CPU port defined. Addresses-Coverity-ID: 1492897 ("Resource leak") Addresses-Coverity-ID: 1492899 ("Resource | ||
| CVE-2021-47511 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with size_ | ||
| CVE-2021-47510 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix re-dirty process of tree-log nodes There is a report of a transaction abort of -EAGAIN with the following script. #!/bin/sh for d in sda sdb; do mkfs.btrfs -d single -m single -f /dev |
- CVE-2021-47537May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix a memleak bug in rvu_mbox_init() In rvu_mbox_init(), mbox_regions is not freed or passed out under the switch-default region, which could lead to a memory leak. Fix this bug by changing 'retu
- CVE-2021-47536May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the link group from the link group list, but it deleted the list head by mistake. This may cause memory corruption s
- CVE-2021-47535May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to read 3 sets of registers. Unfortunately, we
- CVE-2021-47534May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drm_crtc_commit_put Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a global state for the HVS, with each FIFO storing the current CRTC com
- CVE-2021-47533May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO. Ho
- CVE-2021-47529May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Fix memory leaks in error handling path Should an error occur (invalid TLV len or memory allocation failure), the memory already allocated in 'reduce_power_data' should be freed before returning, other
- CVE-2021-47528May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init() In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring and there is a dereference of it in cdnsp_endpoint_init(), which could l
- CVE-2021-47526May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fix NULL pointer dereference in ->remove() drvdata has to be set in _probe() - otherwise platform_get_drvdata() causes null pointer dereference BUG in _remove().
- CVE-2021-47525May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix use-after-free and memleak on unbind Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core
- CVE-2021-47524May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix minor-number leak on probe errors Make sure to release the allocated minor number before returning on probe errors.
- CVE-2021-47523May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr This buffer is currently allocated in hfi1_init(): if (reinit) ret = init_after_reset(dd); else ret = loadtime_init(dd); if (ret) goto done; /* allocate
- CVE-2021-47522May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through uhid, there is a chance we don't have output reports and so report_field is null.
- CVE-2021-47521May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead. Also we should check if at least one chann
- CVE-2021-47520May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n
- CVE-2021-47518May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in d
- CVE-2021-47516May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfp_cpp_area_cache_add() In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a CPP area structure. But in line 807 (#2), when the cache is allocated failed, this CPP area st
- CVE-2021-47514May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcou
- CVE-2021-47513May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering Avoid a memory leak if there is not a CPU port defined. Addresses-Coverity-ID: 1492897 ("Resource leak") Addresses-Coverity-ID: 1492899 ("Resource
- CVE-2021-47511May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with size_
- CVE-2021-47510May 24, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix re-dirty process of tree-log nodes There is a report of a transaction abort of -EAGAIN with the following script. #!/bin/sh for d in sda sdb; do mkfs.btrfs -d single -m single -f /dev
Page 2 of 29