rpm package
suse/kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Vulnerabilities (1,350)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48626 | Hig | 7.8 | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and | |
| CVE-2021-46905 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unco | |
| CVE-2021-46904 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the n | |
| CVE-2024-26595 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer | |
| CVE-2023-52463 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as | |
| CVE-2023-52454 | Med | 5.5 | < 5.3.18-150300.59.158.1 | 5.3.18-150300.59.158.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel | |
| CVE-2024-26593 | Hig | 7.1 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to t | |
| CVE-2024-26589 | Hig | 7.8 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So th | |
| CVE-2024-26586 | Med | 6.7 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn, | |
| CVE-2023-52451 | Hig | 7.8 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde | |
| CVE-2023-52449 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read | |
| CVE-2023-52448 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in r | |
| CVE-2023-52445 | Hig | 7.8 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t | |
| CVE-2023-52443 | Med | 5.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string | |
| CVE-2024-26585 | Med | 4.7 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling | |
| CVE-2024-26584 | Med | 5.5 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | |
| CVE-2024-26583 | Med | 4.7 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch | |
| CVE-2023-52439 | Hig | 7.8 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_device uio_open idev = idr_find() device_unregister(&idev->dev) put_device(&idev- | |
| CVE-2024-26581 | Hig | 7.8 | < 5.3.18-150300.59.164.1 | 5.3.18-150300.59.164.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not | |
| CVE-2023-52433 | Med | 4.4 | < 5.3.18-150300.59.164.1 | 5.3.18-150300.59.164.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig |
- affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unco
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the n
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as
- affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to t
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So th
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn,
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in r
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ------------------------------------------------------- uio_unregister_device uio_open idev = idr_find() device_unregister(&idev->dev) put_device(&idev-
- affected < 5.3.18-150300.59.164.1fixed 5.3.18-150300.59.164.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not
- affected < 5.3.18-150300.59.164.1fixed 5.3.18-150300.59.164.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig
Page 55 of 68