rpm package
opensuse/kernel-rt&distro=openSUSE Leap Micro 5.4
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.4
Vulnerabilities (571)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47485 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all t | ||
| CVE-2021-47484 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix possible null pointer dereference. This patch fixes possible null pointer dereference in files "rvu_debugfs.c" and "rvu_nix.c" | ||
| CVE-2021-47483 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcache_rbtree_exit() In regcache_rbtree_insert_to_block(), when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode->block' will be freed, so 'rbnode | ||
| CVE-2021-47482 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling bata | ||
| CVE-2021-47481 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but an errant set to desc_size in reg_create() causes a crash: BUG: unable to handle | ||
| CVE-2021-47480 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SC | ||
| CVE-2021-47479 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use-after-free in rtl8712_dl_fw Syzbot reported use-after-free in rtl8712_dl_fw(). The problem was in race condition between r871xu_dev_remove() ->ndo_open() callback. It's easy to see fr | ||
| CVE-2021-47478 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofs_read_inode() can read data beyond the end of buffer. Sanity-check the directory entry length before using it | ||
| CVE-2021-47477 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Allocate proper transfer buffers in the various command | ||
| CVE-2021-47476 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: ni_usb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed trans | ||
| CVE-2021-47475 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffers but up until recently had no sanity checks on the sizes. Commit e1f13c879a7c ("staging: comedi: check validity | ||
| CVE-2021-47474 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix bulk-buffer overflow The driver is using endpoint-sized buffers but must not assume that the tx and rx buffers are of equal size or a malicious device could overflow the slab-allocated rece | ||
| CVE-2021-47473 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change: bsg_j | ||
| CVE-2021-47471 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference crash on unload The mxsfb->crtc.funcs may already be NULL when unloading the driver, in which case calling mxsfb_irq_disable() via drm_irq_uninstall() from mxsfb_unload( | ||
| CVE-2021-47470 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential use-after-free in slab_debugfs_fops When sysfs_slab_add failed, we shouldn't call debugfs_slab_add() for s because s will be freed soon. And slab_debugfs_fops will use s later leading t | ||
| CVE-2021-47468 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The followi | ||
| CVE-2021-47467 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the retu | ||
| CVE-2021-47466 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by using __kmem_cache_release() to release all the relevant resources. | ||
| CVE-2021-47465 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became idle_kvm_start_guest(). The old code allocate | ||
| CVE-2021-47464 | — | < 5.14.21-150400.15.82.1 | 5.14.21-150400.15.82.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: audit: fix possible null-pointer dereference in audit_filter_rules Fix possible null-pointer dereference in audit_filter_rules. audit_filter_rules() error: we previously assumed 'ctx' could be null |
- CVE-2021-47485May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all t
- CVE-2021-47484May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix possible null pointer dereference. This patch fixes possible null pointer dereference in files "rvu_debugfs.c" and "rvu_nix.c"
- CVE-2021-47483May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcache_rbtree_exit() In regcache_rbtree_insert_to_block(), when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode->block' will be freed, so 'rbnode
- CVE-2021-47482May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling bata
- CVE-2021-47481May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but an errant set to desc_size in reg_create() causes a crash: BUG: unable to handle
- CVE-2021-47480May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SC
- CVE-2021-47479May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use-after-free in rtl8712_dl_fw Syzbot reported use-after-free in rtl8712_dl_fw(). The problem was in race condition between r871xu_dev_remove() ->ndo_open() callback. It's easy to see fr
- CVE-2021-47478May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofs_read_inode() can read data beyond the end of buffer. Sanity-check the directory entry length before using it
- CVE-2021-47477May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Allocate proper transfer buffers in the various command
- CVE-2021-47476May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: comedi: ni_usb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed trans
- CVE-2021-47475May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffers but up until recently had no sanity checks on the sizes. Commit e1f13c879a7c ("staging: comedi: check validity
- CVE-2021-47474May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix bulk-buffer overflow The driver is using endpoint-sized buffers but must not assume that the tx and rx buffers are of equal size or a malicious device could overflow the slab-allocated rece
- CVE-2021-47473May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change: bsg_j
- CVE-2021-47471May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference crash on unload The mxsfb->crtc.funcs may already be NULL when unloading the driver, in which case calling mxsfb_irq_disable() via drm_irq_uninstall() from mxsfb_unload(
- CVE-2021-47470May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential use-after-free in slab_debugfs_fops When sysfs_slab_add failed, we shouldn't call debugfs_slab_add() for s because s will be freed soon. And slab_debugfs_fops will use s later leading t
- CVE-2021-47468May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The followi
- CVE-2021-47467May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the retu
- CVE-2021-47466May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by using __kmem_cache_release() to release all the relevant resources.
- CVE-2021-47465May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became idle_kvm_start_guest(). The old code allocate
- CVE-2021-47464May 22, 2024affected < 5.14.21-150400.15.82.1fixed 5.14.21-150400.15.82.1
In the Linux kernel, the following vulnerability has been resolved: audit: fix possible null-pointer dereference in audit_filter_rules Fix possible null-pointer dereference in audit_filter_rules. audit_filter_rules() error: we previously assumed 'ctx' could be null
Page 4 of 29