rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3,014)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47359 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system got hung. [ 130.698396] watchdog: BUG: soft lockup - CPU#6 stuck for 26s! | ||
| CVE-2020-36788 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. On failures, ttm_bo_init() invokes the provided destructor whi | ||
| CVE-2021-47358 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: staging: greybus: uart: fix tty use after free User space can hold a tty open indefinitely and tty drivers must not release the underlying structures until the last user is gone. Switch to using the tty-port r | ||
| CVE-2024-35950 | Med | 5.5 | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo | |
| CVE-2024-35949 | — | < 5.14.21-150400.24.153.1 | 5.14.21-150400.24.153.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if | ||
| CVE-2024-35905 | Hig | 7.8 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow | |
| CVE-2024-35895 | Med | 5.5 | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in | |
| CVE-2024-35914 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th | ||
| CVE-2024-35904 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on | ||
| CVE-2024-35901 | — | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_ | ||
| CVE-2024-35878 | — | < 5.14.21-150400.24.128.1 | 5.14.21-150400.24.128.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr | ||
| CVE-2024-35869 | — | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tco | ||
| CVE-2024-35868 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35867 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35864 | — | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35863 | — | < 5.14.21-150400.24.122.2 | 5.14.21-150400.24.122.2 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35862 | — | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35861 | — | < 5.14.21-150400.24.125.1 | 5.14.21-150400.24.125.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-25742 | Med | 6.5 | < 5.14.21-150400.24.116.1 | 5.14.21-150400.24.116.1 | May 17, 2024 | In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES. | |
| CVE-2024-35840 | — | < 5.14.21-150400.24.170.2 | 5.14.21-150400.24.170.2 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp |
- CVE-2021-47359May 21, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system got hung. [ 130.698396] watchdog: BUG: soft lockup - CPU#6 stuck for 26s!
- CVE-2020-36788May 21, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. On failures, ttm_bo_init() invokes the provided destructor whi
- CVE-2021-47358May 21, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: staging: greybus: uart: fix tty use after free User space can hold a tty open indefinitely and tty drivers must not release the underlying structures until the last user is gone. Switch to using the tty-port r
- affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo
- CVE-2024-35949May 20, 2024affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflow
- affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in
- CVE-2024-35914May 19, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th
- CVE-2024-35904May 19, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on
- CVE-2024-35901May 19, 2024affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skb_over_panic mana_get_rxbuf_cfg() aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skb_
- CVE-2024-35878May 19, 2024affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr
- CVE-2024-35869May 19, 2024affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tco
- CVE-2024-35868May 19, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35867May 19, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35864May 19, 2024affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35863May 19, 2024affected < 5.14.21-150400.24.122.2fixed 5.14.21-150400.24.122.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35862May 19, 2024affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35861May 19, 2024affected < 5.14.21-150400.24.125.1fixed 5.14.21-150400.24.125.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1
In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.
- CVE-2024-35840May 17, 2024affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2
In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp
Page 124 of 151