rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,696)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52752 | — | < 5.3.18-150300.59.167.1.150300.18.98.1 | 5.3.18-150300.59.167.1.150300.18.98.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ | ||
| CVE-2022-48710 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode | ||
| CVE-2023-52707 | — | < 5.3.18-150300.59.167.1.150300.18.98.1 | 5.3.18-150300.59.167.1.150300.18.98.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu | ||
| CVE-2021-47431 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload. | ||
| CVE-2021-47428 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping o | ||
| CVE-2021-47426 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path. | ||
| CVE-2021-47425 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re | ||
| CVE-2021-47424 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker | ||
| CVE-2021-47423 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. | ||
| CVE-2021-47422 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. | ||
| CVE-2021-47416 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUS_ALLOCATED indicates 2 states: 1. Bus is only allocated 2. Bus allocated and __mdiob | ||
| CVE-2021-47413 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle When passing 'phys' in the devicetree to describe the USB PHY phandle (which is the recommended way according to Documentation/devicetree/bindings/usb/ | ||
| CVE-2021-47409 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. | ||
| CVE-2021-47405 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d | ||
| CVE-2021-47404 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malici | ||
| CVE-2021-47402 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect fl_walk() with rcu Patch that refactored fl_walk() to use idr_for_each_entry_continue_ul() also removed rcu protection of individual filters which causes following use-after-free whe | ||
| CVE-2021-47399 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some machine (online cpus < 63). This is due to the fact that the maximum value of num | ||
| CVE-2021-47396 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late (e.g. due to vCPU sched | ||
| CVE-2021-47395 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING | ||
| CVE-2021-47393 | — | < 5.3.18-150300.59.164.1.150300.18.96.1 | 5.3.18-150300.59.164.1.150300.18.96.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. For example, setting current fan speed to 20 is used to enforce fan speed to |
- CVE-2023-52752May 21, 2024affected < 5.3.18-150300.59.167.1.150300.18.98.1fixed 5.3.18-150300.59.167.1.150300.18.98.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @
- CVE-2022-48710May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode
- CVE-2023-52707May 21, 2024affected < 5.3.18-150300.59.167.1.150300.18.98.1fixed 5.3.18-150300.59.167.1.150300.18.98.1
In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu
- CVE-2021-47431May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload.
- CVE-2021-47428May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping o
- CVE-2021-47426May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path.
- CVE-2021-47425May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re
- CVE-2021-47424May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker
- CVE-2021-47423May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.
- CVE-2021-47422May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.
- CVE-2021-47416May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUS_ALLOCATED indicates 2 states: 1. Bus is only allocated 2. Bus allocated and __mdiob
- CVE-2021-47413May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle When passing 'phys' in the devicetree to describe the USB PHY phandle (which is the recommended way according to Documentation/devicetree/bindings/usb/
- CVE-2021-47409May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
- CVE-2021-47405May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d
- CVE-2021-47404May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malici
- CVE-2021-47402May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect fl_walk() with rcu Patch that refactored fl_walk() to use idr_for_each_entry_continue_ul() also removed rcu protection of individual filters which causes following use-after-free whe
- CVE-2021-47399May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some machine (online cpus < 63). This is due to the fact that the maximum value of num
- CVE-2021-47396May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late (e.g. due to vCPU sched
- CVE-2021-47395May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING
- CVE-2021-47393May 21, 2024affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. For example, setting current fan speed to 20 is used to enforce fan speed to
Page 49 of 85