VYPR

rpm package

suse/kernel-default&distro=SUSE Manager Server 4.3

pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3

Vulnerabilities (1,907)

  • CVE-2021-47195Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called afte

  • CVE-2021-47194Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanu

  • CVE-2021-47193Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix memory leak during rmmod Driver failed to release all memory allocated. This would lead to memory leak during driver removal. Properly free memory when the module is removed.

  • CVE-2021-47192Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with: commit f0f82e2476f6 ("scsi: core: Fix capacity set to zero after offlinining device") The problem is that aft

  • CVE-2021-47191Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() The following warning was observed running syzkaller: [ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in;

  • CVE-2021-47189Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same thread which executed the normal work functions. The only way execution be

  • CVE-2021-47188Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Improve SCSI abort handling The following has been observed on a test setup: WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c Call trace: ufshcd_queu

  • CVE-2021-47187Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings

  • CVE-2021-47185Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound

  • CVE-2021-47184Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40E_VSI_RELEASING flag to signalize deleting and releasing of VSI resources to syn

  • CVE-2021-47183Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL

  • CVE-2021-47182Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsi_mode_sense() buffer length handling Several problems exist with scsi_mode_sense() buffer length handling: 1) The allocation length field of the MODE SENSE(10) command is 16-bits, occu

  • CVE-2021-47181Apr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

  • CVE-2024-26816MedApr 10, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us

  • CVE-2024-26814Apr 5, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The

  • CVE-2024-26813Apr 5, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo

  • CVE-2024-26808Apr 4, 2024
    affected < 5.14.21-150400.24.170.2fixed 5.14.21-150400.24.170.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic

  • CVE-2024-26800Apr 4, 2024
    affected < 5.14.21-150400.24.128.1fixed 5.14.21-150400.24.128.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed.

  • CVE-2024-26792Apr 4, 2024
    affected < 5.14.21-150400.24.119.1fixed 5.14.21-150400.24.119.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second

  • CVE-2024-26782Apr 4, 2024
    affected < 5.14.21-150400.24.144.1fixed 5.14.21-150400.24.144.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin

Page 84 of 96