VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise Micro 5.5

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Vulnerabilities (4,617)

  • CVE-2019-25162Feb 26, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde

  • CVE-2022-48626Feb 25, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and

  • CVE-2023-52470Feb 25, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.

  • CVE-2023-52469Feb 25, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t

  • CVE-2023-52467Feb 25, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2024-26603Feb 24, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user

  • CVE-2024-26602Feb 24, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize

  • CVE-2024-26601Feb 24, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod

  • CVE-2024-26600Feb 24, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et

  • CVE-2023-52458MedFeb 23, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th

  • CVE-2024-26599Feb 23, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count == 2 args->args[2] is not defined. Actually the flags are contained in args->args[1].

  • CVE-2024-26598Feb 23, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DI

  • CVE-2024-26597Feb 23, 2024
    affected < 5.14.21-150500.55.68.1fixed 5.14.21-150500.55.68.1

    In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below: =

  • CVE-2024-26595Feb 23, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer

  • CVE-2023-52464Feb 23, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx

  • CVE-2023-52463Feb 23, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as

  • CVE-2023-52462Feb 23, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot_type[BPF_REG_SIZE - 1] (plus potentially few more below it, depending on actual

  • CVE-2023-52457Feb 23, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return

  • CVE-2023-52456Feb 23, 2024
    affected < 5.14.21-150500.55.52.1fixed 5.14.21-150500.55.52.1

    In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th

  • CVE-2023-52454Feb 23, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel

Page 222 of 231