rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,617)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52606 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separate | ||
| CVE-2023-52604 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2867:6 index 196694 is out of range for type 's8[1365]' (aka 's | ||
| CVE-2023-52603 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the following issue: oop0: detected capacity change from 0 to 32768 UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dtree.c:1971:9 index -2 is | ||
| CVE-2023-52602 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds Read in dtSearch Currently while searching for current page in the sorted entry table of the page there is a out of bound access. Added a bound check to fix the error. Dave: Set ret | ||
| CVE-2023-52601 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound check missing in the dbAdjTree while accessing the dmt_stree. To add the required check added the bool is_ctl which is required to dete | ||
| CVE-2023-52600 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the object ipimap that has been released may be accessed in diFreeSpecial(). Asynchronous ipimap release occurs when rcu_core() calls | ||
| CVE-2023-52599 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diNewExt [Syz report] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:2360:2 index -878706688 is out of range for type 'struct iagctl[128]' CPU: 1 PID: 5065 Comm: syz | ||
| CVE-2023-52598 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control (fpc) register of a traced process is modified with the ptrace interface the new value is tested for validity b | ||
| CVE-2023-52597 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvm_arch_vcpu_ioctl_set_fpu() allows to set the floating point control (fpc) register of a guest cpu. The new value is tested for validity by temporarily loading it into t | ||
| CVE-2023-52595 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: restart beacon queue when hardware reset When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in hardware interface. However, mac80211 will not automatical | ||
| CVE-2023-52594 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Fix an array-index-out-of-bounds read in ath9k_htc_txstatus(). The bug occurs when txs->cnt, data from a URB provided by a USB d | ||
| CVE-2023-52593 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Since 'ieee80211_beacon_get()' can return NULL, 'wfx_set_mfp_ap()' should check the return value before examining skb data. So convert the la | ||
| CVE-2023-52591 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if | ||
| CVE-2023-52590 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change ocfs2 rename code to avoid touching renamed directory if its p | ||
| CVE-2023-52589 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in t | ||
| CVE-2023-52587 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the `priv->lock` while iterating the `priv->multicast_list` in `ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to remove the items while in the | ||
| CVE-2023-52586 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add mutex lock in control vblank irq Add a mutex lock to control vblank irq to synchronize vblank enable/disable operations happening from different threads to prevent race conditions while registe | ||
| CVE-2023-52585 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 amdgpu | ||
| CVE-2023-52583 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used | ||
| CVE-2022-48630 | — | < 5.14.21-150500.55.59.1.150500.6.25.7 | 5.14.21-150500.55.59.1.150500.6.25.7 | Mar 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'ma |
- CVE-2023-52606Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separate
- CVE-2023-52604Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2867:6 index 196694 is out of range for type 's8[1365]' (aka 's
- CVE-2023-52603Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the following issue: oop0: detected capacity change from 0 to 32768 UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dtree.c:1971:9 index -2 is
- CVE-2023-52602Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds Read in dtSearch Currently while searching for current page in the sorted entry table of the page there is a out of bound access. Added a bound check to fix the error. Dave: Set ret
- CVE-2023-52601Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound check missing in the dbAdjTree while accessing the dmt_stree. To add the required check added the bool is_ctl which is required to dete
- CVE-2023-52600Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the object ipimap that has been released may be accessed in diFreeSpecial(). Asynchronous ipimap release occurs when rcu_core() calls
- CVE-2023-52599Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diNewExt [Syz report] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:2360:2 index -878706688 is out of range for type 'struct iagctl[128]' CPU: 1 PID: 5065 Comm: syz
- CVE-2023-52598Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control (fpc) register of a traced process is modified with the ptrace interface the new value is tested for validity b
- CVE-2023-52597Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvm_arch_vcpu_ioctl_set_fpu() allows to set the floating point control (fpc) register of a guest cpu. The new value is tested for validity by temporarily loading it into t
- CVE-2023-52595Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: restart beacon queue when hardware reset When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in hardware interface. However, mac80211 will not automatical
- CVE-2023-52594Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() Fix an array-index-out-of-bounds read in ath9k_htc_txstatus(). The bug occurs when txs->cnt, data from a URB provided by a USB d
- CVE-2023-52593Mar 6, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() Since 'ieee80211_beacon_get()' can return NULL, 'wfx_set_mfp_ap()' should check the return value before examining skb data. So convert the la
- CVE-2023-52591Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if
- CVE-2023-52590Mar 6, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change ocfs2 rename code to avoid touching renamed directory if its p
- CVE-2023-52589Mar 6, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds in t
- CVE-2023-52587Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the `priv->lock` while iterating the `priv->multicast_list` in `ipoib_mcast_join_task()` opens a window for `ipoib_mcast_dev_flush()` to remove the items while in the
- CVE-2023-52586Mar 6, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add mutex lock in control vblank irq Add a mutex lock to control vblank irq to synchronize vblank enable/disable operations happening from different threads to prevent race conditions while registe
- CVE-2023-52585Mar 6, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 amdgpu
- CVE-2023-52583Mar 6, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used
- CVE-2022-48630Mar 5, 2024affected < 5.14.21-150500.55.59.1.150500.6.25.7fixed 5.14.21-150500.55.59.1.150500.6.25.7
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'ma
Page 216 of 231