rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36940 | Hig | 7.8 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei | |
| CVE-2024-36926 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI | |
| CVE-2024-36904 | Hig | 7.8 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat | |
| CVE-2024-36899 | Hig | 7.0 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed | |
| CVE-2024-36894 | Med | 5.6 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() callback to dequeue pending USB requests submitted to the UDC. There is a scenario | |
| CVE-2023-52881 | Med | 5.5 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The | |
| CVE-2023-52880 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM | |
| CVE-2021-47571 | Hig | 7.8 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that. | |
| CVE-2021-47565 | Hig | 7.8 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object | |
| CVE-2021-47564 | Hig | 7.8 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] | |
| CVE-2021-47563 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndo_bpf op and VSI rebuild flow. The latter takes place for example when user changes queue | |
| CVE-2021-47562 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->tx | |
| CVE-2021-47560 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not | |
| CVE-2021-47559 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next returns NULL (checked 29 o | |
| CVE-2021-47558 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a k | |
| CVE-2021-47556 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce() ethtool_set_coalesce() now uses both the .get_coalesce() and .set_coalesce() callbacks. But the check for their availability is buggy, so chang | |
| CVE-2021-47555 | Med | 5.5 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 | |
| CVE-2021-47554 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, this could happen when an error occurs before initializing the iova_domain in vdpasim_create(). | |
| CVE-2021-47553 | Hig | 7.8 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left ar | |
| CVE-2021-47551 | Med | 6.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch already been called, the start_cpsch will not |
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() callback to dequeue pending USB requests submitted to the UDC. There is a scenario
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that.
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1]
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpf_prog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndo_bpf op and VSI rebuild flow. The latter takes place for example when user changes queue
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->tx
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect driver from buggy firmware When processing port up/down events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() Coverity reports a possible NULL dereferencing problem: in smc_vlan_by_tcpsk(): 6. returned_null: netdev_lower_get_next returns NULL (checked 29 o
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a k
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce() ethtool_set_coalesce() now uses both the .get_coalesce() and .set_coalesce() callbacks. But the check for their availability is buggy, so chang
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, this could happen when an error occurs before initializing the iova_domain in vdpasim_create().
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left ar
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch already been called, the start_cpsch will not
Page 101 of 145