suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,617)

• CVE-2024-26775Apr 3, 2024
  affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1

  In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1

• CVE-2024-26773Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a

• CVE-2024-26772Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating block

• CVE-2024-26771Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Add some null pointer checks to the edma_probe devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by che

• CVE-2024-26769Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work in

• CVE-2024-26767Apr 3, 2024
  affected < 5.14.21-150500.55.83.1.150500.6.37.1fixed 5.14.21-150500.55.83.1.150500.6.37.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check

• CVE-2024-26766Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `

• CVE-2024-26764Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:

• CVE-2024-26763Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this proble

• CVE-2024-26760Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree().

• CVE-2024-26759Apr 3, 2024
  affected < 5.14.21-150500.55.83.1.150500.6.37.1fixed 5.14.21-150500.55.83.1.150500.6.37.1

  In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0)

• CVE-2024-26758Apr 3, 2024
  affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1

  In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't

• CVE-2024-26754Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() The gtp_net_ops pernet operations structure for the subsystem must be registered before registering the generic netlink family. Syzkaller hit '

• CVE-2024-26751Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: ARM: ep93xx: Add terminator to gpiod_lookup_table Without the terminator, if a con_id is passed to gpio_find() that does not exist in the lookup table the function will not stop looping correctly, and eventuall

• CVE-2024-26749Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() ... cdns3_gadget_ep_free_request(&priv_ep->endpoint, &priv_req->request); list_del_init(&priv_req->list); ... 'priv_req' actually fr

• CVE-2024-26748Apr 3, 2024
  affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1

  In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->complete) { 830 spin_unlock(&priv_dev->lock); 831 usb_gadget_giveback_request(&priv_ep->endpoint, 832

• CVE-2024-26747Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: usb: roles: fix NULL pointer issue when put module's reference In current design, usb role class driver will get usb_role_switch parent's module reference after the user get usb_role_switch device and put the r

• CVE-2024-26744Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter Make loading ib_srpt with this parameter set work. The current behavior is that setting that parameter while loading the ib_srpt kernel module trigg

• CVE-2024-26743Apr 3, 2024
  affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2

  In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the allocated resources in case that qedr_init_user_queue() fail. -----------[ cut here ]----------- WARNING: CP

• CVE-2024-26742Apr 3, 2024
  affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs t