suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.2

Vulnerabilities (1,696)

• CVE-2021-47137Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory corruption in RX ring In a situation where memory allocation or dma mapping fails, an invalid address is programmed into the descriptor. This can lead to memory corruption. If the memory

• CVE-2021-47136Mar 25, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: net: zero-initialize tc skb extension on allocation Function skb_ext_add() doesn't initialize created skb extension with any value and leaves it up to the user. However, since extension of type TC_SKB_EXT origi

• CVE-2024-26643MedMar 21, 2024
  affected < 5.3.18-150300.59.164.1.150300.18.96.1fixed 5.3.18-150300.59.164.1.150300.18.96.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it

• CVE-2024-26642MedMar 21, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

• CVE-2021-47131Mar 15, 2024
  affected < 5.3.18-150300.59.161.1.150300.18.94.1fixed 5.3.18-150300.59.161.1.150300.18.94.1

  In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When a netdev with active TLS offload goes down, tls_device_down is called to stop the offload and tear down the TLS context. However, the socke

• CVE-2021-47130Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a cras

• CVE-2021-47126Mar 15, 2024
  affected < 5.3.18-150300.59.170.1.150300.18.100.1fixed 5.3.18-150300.59.170.1.150300.18.100.1

  In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: git://git.kernel.org/pub/scm

• CVE-2021-47120Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: fix NULL-deref on disconnect Commit 9d7b18668956 ("HID: magicmouse: add support for Apple Magic Trackpad 2") added a sanity check for an Apple trackpad but returned success instead of -ENODEV w

• CVE-2021-47119Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be freed by kill_bdev, and sub

• CVE-2021-47118Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens

• CVE-2021-47117Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117

• CVE-2021-47114Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with

• CVE-2021-47113Mar 15, 2024
  affected < 5.3.18-150300.59.161.1.150300.18.94.1fixed 5.3.18-150300.59.161.1.150300.18.94.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: abort in rename_exchange if we fail to insert the second ref Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a rename_exchange. This happens because

• CVE-2021-47112Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features (Async PF, PV EOI, steal time) work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all

• CVE-2021-47110Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corrup

• CVE-2021-47109Mar 15, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUD_NOARP entries to be forced GCed IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid c

• CVE-2023-28746MedMar 14, 2024
  affected < 5.3.18-150300.59.153.2.150300.18.90.2fixed 5.3.18-150300.59.153.2.150300.18.90.2

  Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

• CVE-2023-52607Mar 6, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the p

• CVE-2023-52597Mar 6, 2024
  affected < 5.3.18-150300.59.153.2.150300.18.90.2fixed 5.3.18-150300.59.153.2.150300.18.90.2

  In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvm_arch_vcpu_ioctl_set_fpu() allows to set the floating point control (fpc) register of a guest cpu. The new value is tested for validity by temporarily loading it into t

• CVE-2023-52591Mar 6, 2024
  affected < 5.3.18-150300.59.158.1.150300.18.92.5fixed 5.3.18-150300.59.158.1.150300.18.92.5

  In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if