rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4
Vulnerabilities (2,888)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48711 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. T | |
| CVE-2021-47620 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop p | |
| CVE-2021-47619 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking f | |
| CVE-2021-47618 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, bef | |
| CVE-2021-47617 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after | |
| CVE-2021-47616 | Hig | 7.8 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed and then rxe_create_qp() will drop last reference to this object. qp clean up function will try t | |
| CVE-2021-47614 | Hig | 7.8 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of | |
| CVE-2021-47612 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000 | |
| CVE-2021-47611 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present. | |
| CVE-2021-47609 | Hig | 7.8 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr | |
| CVE-2021-47608 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in atomics w/ BPF_FETCH") around check_mem_access() handling is buggy since this woul | |
| CVE-2021-47607 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] | |
| CVE-2021-47603 | Med | 4.4 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the usersp | |
| CVE-2021-47602 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot repor | |
| CVE-2021-47601 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference. | |
| CVE-2021-47600 | Hig | 7.8 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec(). | |
| CVE-2021-47598 | Hig | 7.8 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D | |
| CVE-2021-47597 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of i | |
| CVE-2021-47596 | Hig | 7.8 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently, the hns3_remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client ins | |
| CVE-2021-47592 | Med | 5.5 | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress |
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. T
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop p
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking f
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, bef
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed and then rxe_create_qp() will drop last reference to this object. qp clean up function will try t
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present.
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in atomics w/ BPF_FETCH") around check_mem_access() handling is buggy since this woul
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val]
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the usersp
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot repor
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference.
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec().
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of i
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently, the hns3_remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client ins
- affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress
Page 99 of 145