rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Vulnerabilities (2,830)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47617 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after | ||
| CVE-2021-47616 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed and then rxe_create_qp() will drop last reference to this object. qp clean up function will try t | ||
| CVE-2021-47614 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of | ||
| CVE-2021-47612 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000 | ||
| CVE-2021-47611 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present. | ||
| CVE-2021-47609 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr | ||
| CVE-2021-47608 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in atomics w/ BPF_FETCH") around check_mem_access() handling is buggy since this woul | ||
| CVE-2021-47607 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] | ||
| CVE-2021-47603 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the usersp | ||
| CVE-2021-47602 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot repor | ||
| CVE-2021-47601 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference. | ||
| CVE-2021-47600 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec(). | ||
| CVE-2021-47598 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D | ||
| CVE-2021-47597 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of i | ||
| CVE-2021-47596 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently, the hns3_remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client ins | ||
| CVE-2021-47595 | — | < 5.14.21-150400.24.170.2.150400.24.86.2 | 5.14.21-150400.24.170.2.150400.24.86.2 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 | ||
| CVE-2021-47592 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress | ||
| CVE-2021-47589 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, and then to label err_ioremap. In free_netdev() which is just below label err_iore | ||
| CVE-2021-47587 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a g | ||
| CVE-2021-47586 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (ops->regs[i]) { This happens for most platforms since the regs flexible array mem |
- CVE-2021-47617Jun 20, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after
- CVE-2021-47616Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed and then rxe_create_qp() will drop last reference to this object. qp clean up function will try t
- CVE-2021-47614Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of
- CVE-2021-47612Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000
- CVE-2021-47611Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present.
- CVE-2021-47609Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr
- CVE-2021-47608Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in atomics w/ BPF_FETCH") around check_mem_access() handling is buggy since this woul
- CVE-2021-47607Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val]
- CVE-2021-47603Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the usersp
- CVE-2021-47602Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot repor
- CVE-2021-47601Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference.
- CVE-2021-47600Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec().
- CVE-2021-47598Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: D
- CVE-2021-47597Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of i
- CVE-2021-47596Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently, the hns3_remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client ins
- CVE-2021-47595Jun 19, 2024affected < 5.14.21-150400.24.170.2.150400.24.86.2fixed 5.14.21-150400.24.170.2.150400.24.86.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7
- CVE-2021-47592Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress
- CVE-2021-47589Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, and then to label err_ioremap. In free_netdev() which is just below label err_iore
- CVE-2021-47587Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a g
- CVE-2021-47586Jun 19, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (ops->regs[i]) { This happens for most platforms since the regs flexible array mem
Page 109 of 142