suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2

Vulnerabilities (1,696)

• CVE-2021-47174Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version Arturo reported this backtrace: [709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_be

• CVE-2021-47173Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced

• CVE-2021-47172Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug

• CVE-2021-47171Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall

• CVE-2021-47170Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.

• CVE-2021-47169Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if th

• CVE-2021-47168Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->dat

• CVE-2021-47167Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change th

• CVE-2021-47166Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.

• CVE-2021-47165Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl

• CVE-2021-47164Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is witho

• CVE-2021-47163Mar 25, 2024
  affected < 5.3.18-150300.59.204.1.150300.18.122.1fixed 5.3.18-150300.59.204.1.150300.18.122.1

  In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are done On some host, a crash could be triggered simply by repeating these commands several times: # modprobe tipc # tipc bearer enable media udp name UDP1 locali

• CVE-2021-47161Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem

• CVE-2021-47160Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge v

• CVE-2021-47153Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunate

• CVE-2021-47150Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory

• CVE-2021-47142Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a use-after-free looks like we forget to set ttm->sg to NULL. Hit panic below [ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG

• CVE-2021-47141Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv->msix_vectors. If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors) this could lead to a NULL

• CVE-2021-47139Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net: hns3: put off calling register_netdev() until client initialize complete Currently, the netdevice is registered before client initializing complete. So there is a timewindow between netdevice available and

• CVE-2021-47138Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these i