rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,696)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47670 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni(). | ||
| CVE-2021-47669 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni(). | ||
| CVE-2021-47668 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: sta | ||
| CVE-2020-36789 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/ | ||
| CVE-2025-22121 | — | < 5.3.18-150300.59.207.1.150300.18.124.1 | 5.3.18-150300.59.207.1.150300.18.124.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() There's issue as follows: BUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz | ||
| CVE-2025-22055 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink | ||
| CVE-2025-22045 | — | < 5.3.18-150300.59.218.1.150300.18.130.1 | 5.3.18-150300.59.218.1.150300.18.130.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the following path, flush_tlb_range() can be used for zapping normal PMD entries (PMD entries that point to page tables) together with the PTE | ||
| CVE-2025-22028 | — | < 5.3.18-150300.59.207.1.150300.18.124.1 | 5.3.18-150300.59.207.1.150300.18.124.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .s_stream() for stopped entities Syzbot reported [1] a warning prompted by a check in call_s_stream() that checks whether .s_stream() operation is warranted for unstarted or stopped subdevs. | ||
| CVE-2025-22020 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 16, 2025 | In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt | ||
| CVE-2025-22004 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free. | ||
| CVE-2025-21999 | — | < 5.3.18-150300.59.207.1.150300.18.124.1 | 5.3.18-150300.59.207.1.150300.18.124.1 | Apr 3, 2025 | In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc | ||
| CVE-2025-21971 | — | < 5.3.18-150300.59.218.1.150300.18.130.1 | 5.3.18-150300.59.218.1.150300.18.130.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe | ||
| CVE-2025-21969 | — | < 5.3.18-150300.59.221.1.150300.18.132.1 | 5.3.18-150300.59.221.1.150300.18.132.1 | Apr 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye | ||
| CVE-2023-53033 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the bounda | ||
| CVE-2023-53026 | — | < 5.3.18-150300.59.204.1.150300.18.122.1 | 5.3.18-150300.59.204.1.150300.18.122.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the | ||
| CVE-2023-53024 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, 2039f26f3aca ("bpf: Fix leakage due to insufficient speculative store bypass mitigation") inserts lfence ins | ||
| CVE-2023-53015 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() expects 4 report fields. A device advertisi | ||
| CVE-2023-53000 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype) | ||
| CVE-2023-52983 | — | < 5.3.18-150300.59.235.1.150300.18.140.1 | 5.3.18-150300.59.235.1.150300.18.140.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq() After commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq(), however, in some context bic->bfqq will b | ||
| CVE-2023-52974 | — | < 5.3.18-150300.59.201.1.150300.18.120.1 | 5.3.18-150300.59.201.1.150300.18.120.1 | Mar 27, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress If during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails, userspace could be accessing the host's ipaddress attr. If we th |
- CVE-2021-47670Apr 17, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni().
- CVE-2021-47669Apr 17, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: can: vxcan: vxcan_xmit: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the canfd_frame cfd which aliases skb memory is accessed after the netif_rx_ni().
- CVE-2021-47668Apr 17, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_restart: fix use after free bug After calling netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the netif_rx_ni() in: sta
- CVE-2020-36789Apr 17, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/
- CVE-2025-22121Apr 16, 2025affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() There's issue as follows: BUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz
- CVE-2025-22055Apr 16, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink
- CVE-2025-22045Apr 16, 2025affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs On the following path, flush_tlb_range() can be used for zapping normal PMD entries (PMD entries that point to page tables) together with the PTE
- CVE-2025-22028Apr 16, 2025affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1
In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .s_stream() for stopped entities Syzbot reported [1] a warning prompted by a check in call_s_stream() that checks whether .s_stream() operation is warranted for unstarted or stopped subdevs.
- CVE-2025-22020Apr 16, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt
- CVE-2025-22004Apr 3, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.
- CVE-2025-21999Apr 3, 2025affected < 5.3.18-150300.59.207.1.150300.18.124.1fixed 5.3.18-150300.59.207.1.150300.18.124.1
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc
- CVE-2025-21971Apr 1, 2025affected < 5.3.18-150300.59.218.1.150300.18.130.1fixed 5.3.18-150300.59.218.1.150300.18.130.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
- CVE-2025-21969Apr 1, 2025affected < 5.3.18-150300.59.221.1.150300.18.132.1fixed 5.3.18-150300.59.221.1.150300.18.132.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye
- CVE-2023-53033Mar 27, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the bounda
- CVE-2023-53026Mar 27, 2025affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the
- CVE-2023-53024Mar 27, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, 2039f26f3aca ("bpf: Fix leakage due to insufficient speculative store bypass mitigation") inserts lfence ins
- CVE-2023-53015Mar 27, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() expects 4 report fields. A device advertisi
- CVE-2023-53000Mar 27, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype)
- CVE-2023-52983Mar 27, 2025affected < 5.3.18-150300.59.235.1.150300.18.140.1fixed 5.3.18-150300.59.235.1.150300.18.140.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq() After commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq(), however, in some context bic->bfqq will b
- CVE-2023-52974Mar 27, 2025affected < 5.3.18-150300.59.201.1.150300.18.120.1fixed 5.3.18-150300.59.201.1.150300.18.120.1
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress If during iscsi_sw_tcp_session_create() iscsi_tcp_r2tpool_alloc() fails, userspace could be accessing the host's ipaddress attr. If we th
Page 21 of 85