rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,617)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-36913 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned | ||
| CVE-2024-36912 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and t | ||
| CVE-2024-36911 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory | ||
| CVE-2024-36910 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting m | ||
| CVE-2024-36909 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error i | ||
| CVE-2024-36906 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: [ 33.452494] ================================================================== [ 33.453513] BUG: KASAN: stack-out-of-bounds in refres | ||
| CVE-2024-36901 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev just fine, but not here. | ||
| CVE-2024-36900 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, pr | ||
| CVE-2024-36897 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info whil | ||
| CVE-2024-36896 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_store(): usb_hub_to_struct_hub() can return NULL if the hub that the port belongs to | ||
| CVE-2024-36893 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->partner is set to the err | ||
| CVE-2024-36890 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *l | ||
| CVE-2024-36889 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptc | ||
| CVE-2024-36886 | — | < 5.14.21-150500.55.88.1.150500.6.39.4 | 5.14.21-150500.55.88.1.150500.6.39.4 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append() error path: BUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c | ||
| CVE-2024-36883 | — | < 5.14.21-150500.55.88.1.150500.6.39.4 | 5.14.21-150500.55.88.1.150500.6.39.4 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It is read twice, first t | ||
| CVE-2024-36880 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer. | ||
| CVE-2024-36032 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply | ||
| CVE-2023-52882 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to syste | ||
| CVE-2024-36029 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device and uses host->runtime_suspended flag to protect access to it. The sdhci-msm driver doesn't set this flag, which ca | ||
| CVE-2024-36020 | Med | 5.5 | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using t |
- CVE-2024-36913May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned
- CVE-2024-36912May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and t
- CVE-2024-36911May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory
- CVE-2024-36910May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting m
- CVE-2024-36909May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error i
- CVE-2024-36906May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: ARM: 9381/1: kasan: clear stale stack poison We found below OOB crash: [ 33.452494] ================================================================== [ 33.453513] BUG: KASAN: stack-out-of-bounds in refres
- CVE-2024-36901May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev just fine, but not here.
- CVE-2024-36900May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, pr
- CVE-2024-36897May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info whil
- CVE-2024-36896May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disable_store(): usb_hub_to_struct_hub() can return NULL if the hub that the port belongs to
- CVE-2024-36893May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->partner is set to the err
- CVE-2024-36890May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *l
- CVE-2024-36889May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptc
- CVE-2024-36886May 30, 2024affected < 5.14.21-150500.55.88.1.150500.6.39.4fixed 5.14.21-150500.55.88.1.150500.6.39.4
In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reported a UAF in the tipc_buf_append() error path: BUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c
- CVE-2024-36883May 30, 2024affected < 5.14.21-150500.55.88.1.150500.6.39.4fixed 5.14.21-150500.55.88.1.150500.6.39.4
In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It is read twice, first t
- CVE-2024-36880May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer.
- CVE-2024-36032May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply
- CVE-2023-52882May 30, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to syste
- CVE-2024-36029May 30, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device and uses host->runtime_suspended flag to protect access to it. The sdhci-msm driver doesn't set this flag, which ca
- affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using t
Page 171 of 231