suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,617)

• CVE-2024-38602Jun 19, 2024
  affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6

  In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The

• CVE-2024-38601Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new pag

• CVE-2024-38600Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, call callbacks and do sync for card->power_ref_sleep waiters at the end. The callb

• CVE-2024-38597Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398) WARNING: CPU:

• CVE-2024-38594Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To addre

• CVE-2024-38591Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix deadlock on SRQ async events. xa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/ xa_erase_irq() to avoid deadlock.

• CVE-2024-38590Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdev_err() to ibdev_err_ratelimited(), and change the printing level of cqe dump to debug level.

• CVE-2024-38588Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix possible use-after-free issue in ftrace_location() KASAN reports a bug: BUG: KASAN: use-after-free in ftrace_location+0x90/0x120 Read of size 8 at addr ffff888141d40010 by task insmod/424 CPU

• CVE-2024-38586Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring b

• CVE-2024-38583Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series "nilfs2: fix log writer related issues". This bug fix series covers three nilfs2 log writer-related issues, including a timer use-after-fr

• CVE-2024-38582Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfs_detach_log_writer() Syzbot has reported a potential hang in nilfs_detach_log_writer() called during nilfs2 unmount. Analysis revealed that this is because nilfs_segctor_sync

• CVE-2024-38581Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the ramdom use-after-free issue. v2: move to amdgpu_mes.c

• CVE-2024-38580Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfs_poll() with a file pointer that may race with the last 'fput()'. That would make f_count go down to zero, and while the ep->mtx locking means that

• CVE-2024-38577Jun 19, 2024
  affected < 5.14.21-150500.55.88.1.150500.6.39.4fixed 5.14.21-150500.55.88.1.150500.6.39.4

  In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow There is a possibility of buffer overflow in show_rcu_tasks_trace_gp_kthread() if counters, passed to sprintf() are huge. Counter numbers, needed f

• CVE-2024-38573Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from different places with various parameters. So cpufreq_cpu_get() can return null as

• CVE-2024-38571Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fix null pointer dereference compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c) as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null pointe

• CVE-2024-38570Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. Commit fb6791d100d1b started exploi

• CVE-2024-38568Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out

• CVE-2024-38564Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_g

• CVE-2024-38557Jun 19, 2024
  affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Reload only IB representors upon lag disable/enable On lag disable, the bond IB device along with all of its representors are destroyed, and then the slaves' representors get reloaded. In case the sl