rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Vulnerabilities (2,830)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52738 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini Currently amdgpu calls drm_sched_fini() from the fence driver sw fini routine - such function is expected to be called only after the respectiv | ||
| CVE-2023-52736 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of hda_ | ||
| CVE-2023-52730 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can not release the resources, because the sdio function is not presented in these two | ||
| CVE-2023-52708 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: mmc_spi: fix error handling in mmc_spi_probe() If mmc_add_host() fails, it doesn't need to call mmc_remove_host(), or it will cause null-ptr-deref, because of deleting a not added device in mmc_remove_host | ||
| CVE-2023-52707 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu | ||
| CVE-2023-52703 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error path. Jiri Pirko noted t | ||
| CVE-2023-52702 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached. | ||
| CVE-2022-48709 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: switch: fix potential memleak in ice_add_adv_recipe() When ice_add_special_words() fails, the 'rm' is not released, which will lead to a memory leak. Fix this up by going to 'err_unroll' label. Compile te | ||
| CVE-2022-48708 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was dereferenced without checking | ||
| CVE-2021-47431 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload. | ||
| CVE-2021-47430 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit 66 | ||
| CVE-2021-47429 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The early handler is the true NMI handler, and then it schedules the machine_check_excep | ||
| CVE-2021-47428 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping o | ||
| CVE-2021-47427 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsi_task use after free Commit d39df158518c ("scsi: iscsi: Have abort handler get ref to conn") added iscsi_get_conn()/iscsi_put_conn() calls during abort handling but then also changed the h | ||
| CVE-2021-47426 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path. | ||
| CVE-2021-47425 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re | ||
| CVE-2021-47424 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker | ||
| CVE-2021-47423 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. | ||
| CVE-2021-47422 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. | ||
| CVE-2021-47421 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume In current code, when a PCI error state pci_channel_io_normal is detectd, it will report PCI_ERS_RESULT_CAN_RECOVER status to PCI d |
- CVE-2023-52738May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini Currently amdgpu calls drm_sched_fini() from the fence driver sw fini routine - such function is expected to be called only after the respectiv
- CVE-2023-52736May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of hda_
- CVE-2023-52730May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can not release the resources, because the sdio function is not presented in these two
- CVE-2023-52708May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: mmc: mmc_spi: fix error handling in mmc_spi_probe() If mmc_add_host() fails, it doesn't need to call mmc_remove_host(), or it will cause null-ptr-deref, because of deleting a not added device in mmc_remove_host
- CVE-2023-52707May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu
- CVE-2023-52703May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error path. Jiri Pirko noted t
- CVE-2023-52702May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached.
- CVE-2022-48709May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: ice: switch: fix potential memleak in ice_add_adv_recipe() When ice_add_special_words() fails, the 'rm' is not released, which will lead to a memory leak. Fix this up by going to 'err_unroll' label. Compile te
- CVE-2022-48708May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was dereferenced without checking
- CVE-2021-47431May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload.
- CVE-2021-47430May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit 66
- CVE-2021-47429May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The early handler is the true NMI handler, and then it schedules the machine_check_excep
- CVE-2021-47428May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping o
- CVE-2021-47427May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsi_task use after free Commit d39df158518c ("scsi: iscsi: Have abort handler get ref to conn") added iscsi_get_conn()/iscsi_put_conn() calls during abort handling but then also changed the h
- CVE-2021-47426May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path.
- CVE-2021-47425May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re
- CVE-2021-47424May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker
- CVE-2021-47423May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.
- CVE-2021-47422May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.
- CVE-2021-47421May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume In current code, when a PCI error state pci_channel_io_normal is detectd, it will report PCI_ERS_RESULT_CAN_RECOVER status to PCI d
Page 120 of 142