rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.3
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
Vulnerabilities (3,014)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47449 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over | ||
| CVE-2021-47448 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides the MSG_WAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more da | ||
| CVE-2021-47447 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a3xx: fix error handling in a3xx_gpu_init() These error paths returned 1 on failure, instead of a negative error code. This would lead to an Oops in the caller. A second problem is that the check for | ||
| CVE-2021-47446 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/a4xx: fix error handling in a4xx_gpu_init() This code returns 1 on error instead of a negative error. It leads to an Oops in the caller. A second problem is that the check for "if (ret != -ENODATA)" c | ||
| CVE-2021-47445 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only | ||
| CVE-2021-47444 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read In commit e11f5bd8228f ("drm: Add support for DP 1.4 Compliance edid corruption test") the function connector_bad_edid() started assuming that | ||
| CVE-2021-47443 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() 'params' is allocated in digital_tg_listen_mdaa(), but not free when digital_send_cmd() failed, which will cause memory leak. Fix it by freeing | ||
| CVE-2021-47442 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_in_send_sdd_req() 'skb' is allocated in digital_in_send_sdd_req(), but not free when digital_in_send_cmd() failed, which will cause memory leak. Fix it by freei | ||
| CVE-2021-47441 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type m | ||
| CVE-2021-47440 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing regi | ||
| CVE-2021-47439 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work When the ksz module is installed and removed using rmmod, kernel crashes with null pointer dereferrence error. During rmmod, ksz_switch_ | ||
| CVE-2021-47438 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Inst | ||
| CVE-2021-47437 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adis16475: fix deadlock on frequency set With commit 39c024b51b560 ("iio: adis16475: improve sync scale mode handling"), two deadlocks were introduced: 1) The call to 'adis_write_reg_16()' was not changed | ||
| CVE-2021-47436 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() | ||
| CVE-2021-47435 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result i | ||
| CVE-2021-47434 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a | ||
| CVE-2021-47433 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfs_replace_file_extents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the | ||
| CVE-2023-52878 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a | ||
| CVE-2023-52877 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on failure. When port->partner is an error, a NULL pointer dereference may occur as | ||
| CVE-2023-52876 | — | < 5.14.21-150400.24.122.2.150400.24.58.2 | 5.14.21-150400.24.122.2.150400.24.58.2 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. |
- CVE-2021-47449May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over
- CVE-2021-47448May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides the MSG_WAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more da
- CVE-2021-47447May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a3xx: fix error handling in a3xx_gpu_init() These error paths returned 1 on failure, instead of a negative error code. This would lead to an Oops in the caller. A second problem is that the check for
- CVE-2021-47446May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a4xx: fix error handling in a4xx_gpu_init() This code returns 1 on error instead of a negative error. It leads to an Oops in the caller. A second problem is that the check for "if (ret != -ENODATA)" c
- CVE-2021-47445May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only
- CVE-2021-47444May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read In commit e11f5bd8228f ("drm: Add support for DP 1.4 Compliance edid corruption test") the function connector_bad_edid() started assuming that
- CVE-2021-47443May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() 'params' is allocated in digital_tg_listen_mdaa(), but not free when digital_send_cmd() failed, which will cause memory leak. Fix it by freeing
- CVE-2021-47442May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_in_send_sdd_req() 'skb' is allocated in digital_in_send_sdd_req(), but not free when digital_in_send_cmd() failed, which will cause memory leak. Fix it by freei
- CVE-2021-47441May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type m
- CVE-2021-47440May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing regi
- CVE-2021-47439May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work When the ksz module is installed and removed using rmmod, kernel crashes with null pointer dereferrence error. During rmmod, ksz_switch_
- CVE-2021-47438May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Inst
- CVE-2021-47437May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: iio: adis16475: fix deadlock on frequency set With commit 39c024b51b560 ("iio: adis16475: improve sync scale mode handling"), two deadlocks were introduced: 1) The call to 'adis_write_reg_16()' was not changed
- CVE-2021-47436May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev()
- CVE-2021-47435May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result i
- CVE-2021-47434May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a
- CVE-2021-47433May 22, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfs_replace_file_extents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the
- CVE-2023-52878May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a
- CVE-2023-52877May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on failure. When port->partner is an error, a NULL pointer dereference may occur as
- CVE-2023-52876May 21, 2024affected < 5.14.21-150400.24.122.2.150400.24.58.2fixed 5.14.21-150400.24.122.2.150400.24.58.2
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.
Page 116 of 151