rpm package
suse/kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
Vulnerabilities (812)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47441 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type m | ||
| CVE-2021-47436 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() | ||
| CVE-2021-47434 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a | ||
| CVE-2023-52871 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption Usually there is only one llcc device. But if there were a second, even a failed probe call would modify the global drv_data pointer. So check if | ||
| CVE-2023-52854 | — | < 5.3.18-150200.24.203.1.150200.9.105.1 | 5.3.18-150200.24.203.1.150200.9.105.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. Due to the lengthy analysis of the pcrypt_aead0 | ||
| CVE-2023-52840 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The put_device() calls rmi_release_function() which frees "fn" so the dereference on the next line "fn->num_of_irqs" is a use after free. | ||
| CVE-2023-52752 | — | < 5.3.18-150200.24.197.1.150200.9.101.1 | 5.3.18-150200.24.197.1.150200.9.101.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @ | ||
| CVE-2023-52707 | — | < 5.3.18-150200.24.197.1.150200.9.101.1 | 5.3.18-150200.24.197.1.150200.9.101.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu | ||
| CVE-2021-47431 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload. | ||
| CVE-2021-47425 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re | ||
| CVE-2021-47424 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker | ||
| CVE-2021-47423 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. | ||
| CVE-2021-47416 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUS_ALLOCATED indicates 2 states: 1. Bus is only allocated 2. Bus allocated and __mdiob | ||
| CVE-2021-47405 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d | ||
| CVE-2021-47404 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malici | ||
| CVE-2021-47402 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect fl_walk() with rcu Patch that refactored fl_walk() to use idr_for_each_entry_continue_ul() also removed rcu protection of individual filters which causes following use-after-free whe | ||
| CVE-2021-47399 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some machine (online cpus < 63). This is due to the fact that the maximum value of num | ||
| CVE-2021-47396 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late (e.g. due to vCPU sched | ||
| CVE-2021-47395 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING | ||
| CVE-2021-47393 | — | < 5.3.18-150200.24.194.1.150200.9.99.1 | 5.3.18-150200.24.194.1.150200.9.99.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. For example, setting current fan speed to 20 is used to enforce fan speed to |
- CVE-2021-47441May 22, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type m
- CVE-2021-47436May 22, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev()
- CVE-2021-47434May 22, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort a
- CVE-2023-52871May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption Usually there is only one llcc device. But if there were a second, even a failed probe call would modify the global drv_data pointer. So check if
- CVE-2023-52854May 21, 2024affected < 5.3.18-150200.24.203.1.150200.9.105.1fixed 5.3.18-150200.24.203.1.150200.9.105.1
In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. Due to the lengthy analysis of the pcrypt_aead0
- CVE-2023-52840May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The put_device() calls rmi_release_function() which frees "fn" so the dereference on the next line "fn->num_of_irqs" is a use after free.
- CVE-2023-52752May 21, 2024affected < 5.3.18-150200.24.197.1.150200.9.101.1fixed 5.3.18-150200.24.197.1.150200.9.101.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @
- CVE-2023-52707May 21, 2024affected < 5.3.18-150200.24.197.1.150200.9.101.1fixed 5.3.18-150200.24.197.1.150200.9.101.1
In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueu
- CVE-2021-47431May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload.
- CVE-2021-47425May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a re
- CVE-2021-47424May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a ker
- CVE-2021-47423May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked.
- CVE-2021-47416May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in wrong state logic. MDIOBUS_ALLOCATED indicates 2 states: 1. Bus is only allocated 2. Bus allocated and __mdiob
- CVE-2021-47405May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d
- CVE-2021-47404May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malici
- CVE-2021-47402May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect fl_walk() with rcu Patch that refactored fl_walk() to use idr_for_each_entry_continue_ul() also removed rcu protection of individual filters which causes following use-after-free whe
- CVE-2021-47399May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some machine (online cpus < 63). This is due to the fact that the maximum value of num
- CVE-2021-47396May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late (e.g. due to vCPU sched
- CVE-2021-47395May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING
- CVE-2021-47393May 21, 2024affected < 5.3.18-150200.24.194.1.150200.9.99.1fixed 5.3.18-150200.24.194.1.150200.9.99.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. For example, setting current fan speed to 20 is used to enforce fan speed to
Page 8 of 41