VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Vulnerabilities (4,617)

  • CVE-2021-47083Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix global-out-of-bounds issue When eint virtual eint number is greater than gpio number, it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.

  • CVE-2021-47082Mar 4, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tun_free_netdev Avoid double free in tun_free_netdev() by moving the dev->tstats and tun->security allocs to a new ndo_init routine (tun_net_init()) that will be called by register_net

  • CVE-2021-47086Mar 4, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl() implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problem

  • CVE-2024-26622Mar 4, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot

  • CVE-2023-52582Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: netfs: Only call folio_start_fscache() one time for each folio If a network filesystem using netfs implements a clamp_length() function, it can set subrequest lengths smaller than a page size. When we loop thr

  • CVE-2023-52581Mar 2, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before

  • CVE-2023-52580Mar 2, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETH_P_1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to __skb_flow_dissect, nhoff value calculation is wrong. For example:

  • CVE-2023-52576Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() The code calling ima_free_kexec_buffer() runs long after the memblock allocator has already been torn down, potentially resulting in a u

  • CVE-2023-52574Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer [1]. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlan_dev_hard_he

  • CVE-2023-52573Mar 2, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: net: rds: Fix possible NULL-pointer dereference In rds_rdma_cm_event_handler_cmn() check, if conn pointer exists before dereferencing it as rdma_set_service_type() argument Found by Linux Verification Center (

  • CVE-2023-52572Mar 2, 2024
    affected < 5.14.21-150500.55.97.1fixed 5.14.21-150500.55.97.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/

  • CVE-2023-52569Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG() after failure to insert delayed dir index item Instead of calling BUG() when we fail to insert a delayed dir index item into the delayed node's tree, we can just release all the resources we

  • CVE-2023-52567Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250_port: Check IRQ data before use In case the leaf driver wants to use IRQ polling (irq = 0) and IIR register shows that an interrupt happened in the 8250 hardware the IRQ data can be NULL. In such a

  • CVE-2023-52566Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails.

  • CVE-2023-52564Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" This reverts commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The commit above is reverted as it did not solve the original issue. gsm_cleanup_mux() tries to fr

  • CVE-2023-52563Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix memory leak on ->hpd_notify callback The EDID returned by drm_bridge_get_edid() needs to be freed.

  • CVE-2023-52561Mar 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory (the splash memory region set up by the bootloader). It fixes a kernel pan

  • CVE-2023-52559Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommu_suspend() The iommu_suspend() syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFP_KERNEL flag may re-enable IRQs during the suspend

  • CVE-2023-52518Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_codec: Fix leaking content of local_codecs The following memory leak can be observed when the controller supports codecs which are stored in local_codecs list but the elements are never freed: u

  • CVE-2023-52532Mar 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably from a newer hardware), still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors

Page 218 of 231