rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,617)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42154 | — | < 5.14.21-150500.55.83.1.150500.6.37.1 | 5.14.21-150500.55.83.1.150500.6.37.1 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it | ||
| CVE-2024-42152 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler | ||
| CVE-2024-42148 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equ | ||
| CVE-2024-42145 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra | ||
| CVE-2024-42142 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses | ||
| CVE-2024-42139 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains ena | ||
| CVE-2024-42137 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot Commit 272970be3dab ("Bluetooth: hci_qca: Fix driver shutdown on closed serdev") will cause below regression issue: BT can't be enabled | ||
| CVE-2024-42131 | — | < 5.14.21-150500.55.88.1.150500.6.39.4 | 5.14.21-150500.55.88.1.150500.6.39.4 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). | ||
| CVE-2024-42127 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and th | ||
| CVE-2024-42126 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int | ||
| CVE-2024-42124 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. This results in BUG_ON() when running an RT kernel. [ 659.343280] BUG: using sm | ||
| CVE-2024-42122 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer check for kzalloc [Why & How] Check return pointer of kzalloc before using it. | ||
| CVE-2024-42121 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT] msg_id is used as an array index and it cannot be a negative value, and therefore cannot be equal to MOD_HDCP_MESSAGE_ID_INVALID (-1). [HOW] Chec | ||
| CVE-2024-42120 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity. | ||
| CVE-2024-42119 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Sk | ||
| CVE-2024-42115 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2_free_inode During the stress testing of the jffs2 file system,the following abnormal printouts were found: [ 2430.649000] Unable to handle kernel paging requ | ||
| CVE-2024-42110 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA) dmanegine as the data mover for ntb_transport that ntb_netdev uses. [74412.5469 | ||
| CVE-2024-42107 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the i | ||
| CVE-2024-42106 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2 KMSAN reported uninit-value access in raw_lookup() [1]. Diag for raw sockets uses the pad field in struct inet_diag_req_v2 for the underlying protocol. | ||
| CVE-2024-42105 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | Jul 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix inode number range checks Patch series "nilfs2: fix potential issues related to reserved inodes". This series fixes one use-after-free issue reported by syzbot, caused by nilfs2's internal inode be |
- CVE-2024-42154Jul 30, 2024affected < 5.14.21-150500.55.83.1.150500.6.37.1fixed 5.14.21-150500.55.83.1.150500.6.37.1
In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it
- CVE-2024-42152Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler
- CVE-2024-42148Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equ
- CVE-2024-42145Jul 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extra
- CVE-2024-42142Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses
- CVE-2024-42139Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains ena
- CVE-2024-42137Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot Commit 272970be3dab ("Bluetooth: hci_qca: Fix driver shutdown on closed serdev") will cause below regression issue: BT can't be enabled
- CVE-2024-42131Jul 30, 2024affected < 5.14.21-150500.55.88.1.150500.6.39.4fixed 5.14.21-150500.55.88.1.150500.6.39.4
In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits).
- CVE-2024-42127Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and th
- CVE-2024-42126Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE int
- CVE-2024-42124Jul 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. This results in BUG_ON() when running an RT kernel. [ 659.343280] BUG: using sm
- CVE-2024-42122Jul 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer check for kzalloc [Why & How] Check return pointer of kzalloc before using it.
- CVE-2024-42121Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT] msg_id is used as an array index and it cannot be a negative value, and therefore cannot be equal to MOD_HDCP_MESSAGE_ID_INVALID (-1). [HOW] Chec
- CVE-2024-42120Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity.
- CVE-2024-42119Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Sk
- CVE-2024-42115Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: jffs2: Fix potential illegal address access in jffs2_free_inode During the stress testing of the jffs2 file system,the following abnormal printouts were found: [ 2430.649000] Unable to handle kernel paging requ
- CVE-2024-42110Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() The following is emitted when using idxd (DSA) dmanegine as the data mover for ntb_transport that ntb_netdev uses. [74412.5469
- CVE-2024-42107Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the i
- CVE-2024-42106Jul 30, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: inet_diag: Initialize pad field in struct inet_diag_req_v2 KMSAN reported uninit-value access in raw_lookup() [1]. Diag for raw sockets uses the pad field in struct inet_diag_req_v2 for the underlying protocol.
- CVE-2024-42105Jul 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix inode number range checks Patch series "nilfs2: fix potential issues related to reserved inodes". This series fixes one use-after-free issue reported by syzbot, caused by nilfs2's internal inode be
Page 146 of 231