VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.1

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Vulnerabilities (1,638)

  • CVE-2020-36789Apr 17, 2025
    affected < 5.3.18-150300.59.204.1fixed 5.3.18-150300.59.204.1

    In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/

  • CVE-2025-22121Apr 16, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() There's issue as follows: BUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz

  • CVE-2025-22055Apr 16, 2025
    affected < 5.3.18-150300.59.204.1fixed 5.3.18-150300.59.204.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink

  • CVE-2025-22045Apr 16, 2025
    affected < 5.3.18-150300.59.218.1fixed 5.3.18-150300.59.218.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the following path, flush_tlb_range() can be used for zapping normal PMD entries (PMD entries that point to page tables) together with the PTE

  • CVE-2025-22028Apr 16, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .s_stream() for stopped entities Syzbot reported [1] a warning prompted by a check in call_s_stream() that checks whether .s_stream() operation is warranted for unstarted or stopped subdevs.

  • CVE-2025-22020Apr 16, 2025
    affected < 5.3.18-150300.59.204.1fixed 5.3.18-150300.59.204.1

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt

  • CVE-2025-22004Apr 3, 2025
    affected < 5.3.18-150300.59.204.1fixed 5.3.18-150300.59.204.1

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

  • CVE-2025-21999Apr 3, 2025
    affected < 5.3.18-150300.59.207.1fixed 5.3.18-150300.59.207.1

    In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc

  • CVE-2025-21971Apr 1, 2025
    affected < 5.3.18-150300.59.218.1fixed 5.3.18-150300.59.218.1

    In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe

  • CVE-2025-21969Apr 1, 2025
    affected < 5.3.18-150300.59.221.1fixed 5.3.18-150300.59.221.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye

  • CVE-2023-53033Mar 27, 2025
    affected < 5.3.18-150300.59.204.1fixed 5.3.18-150300.59.204.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the bounda

  • CVE-2023-53026Mar 27, 2025
    affected < 5.3.18-150300.59.204.1fixed 5.3.18-150300.59.204.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the

  • CVE-2023-53024Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, 2039f26f3aca ("bpf: Fix leakage due to insufficient speculative store bypass mitigation") inserts lfence ins

  • CVE-2023-53015Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() expects 4 report fields. A device advertisi

  • CVE-2023-53000Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype)

  • CVE-2023-52974Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress If during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails, userspace could be accessing the host's ipaddress attr. If we th

  • CVE-2023-52973Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF After a call to console_unlock() in vcs_read() the vc_data struct can be freed by vc_deallocate(). Because of that, the struct vc_data p

  • CVE-2022-49739Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check inode size of inline inodes Check if the inode size of stuffed (inline) inodes is within the allowed range when reading inodes from disk (gfs2_dinode_in()). This prevents us from on-disk cor

  • CVE-2023-52935Mar 27, 2025
    affected < 5.3.18-150300.59.201.1fixed 5.3.18-150300.59.201.1

    In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anon_vma lock (

  • CVE-2023-52927HigMar 14, 2025
    affected < 5.3.18-150300.59.215.1fixed 5.3.18-150300.59.215.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex

Page 14 of 82