rpm package
suse/kernel-default-base&distro=SUSE Manager Proxy 4.3
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Proxy%204.3
Vulnerabilities (1,907)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48788 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in o | ||
| CVE-2022-48787 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which the | ||
| CVE-2022-48786 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be in the TCP_ESTABLISHED state when the connecting task wakes up with a si | ||
| CVE-2021-47624 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove", | ||
| CVE-2021-47622 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host | ||
| CVE-2022-48784 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race where the exact same deadlock (see the original commit referenced below) can still happen if cfg802 | ||
| CVE-2022-48783 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus). | ||
| CVE-2022-48780 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies | ||
| CVE-2022-48778 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped. | ||
| CVE-2022-48777 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL. Rework the | ||
| CVE-2022-48776 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak. | ||
| CVE-2022-48775 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko | ||
| CVE-2022-48774 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will le | ||
| CVE-2022-48773 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries f | ||
| CVE-2023-52886 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr | ||
| CVE-2023-52885 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis | ||
| CVE-2024-40994 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this. | ||
| CVE-2024-40989 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu. | ||
| CVE-2024-40956 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed | ||
| CVE-2024-40954 | — | < 5.14.21-150400.24.128.1.150400.24.62.1 | 5.14.21-150400.24.128.1.150400.24.62.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_ |
- CVE-2022-48788Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in o
- CVE-2022-48787Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which the
- CVE-2022-48786Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be in the TCP_ESTABLISHED state when the connecting task wakes up with a si
- CVE-2021-47624Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove",
- CVE-2021-47622Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host
- CVE-2022-48784Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race where the exact same deadlock (see the original commit referenced below) can still happen if cfg802
- CVE-2022-48783Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus).
- CVE-2022-48780Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies
- CVE-2022-48778Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped.
- CVE-2022-48777Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL. Rework the
- CVE-2022-48776Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak.
- CVE-2022-48775Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko
- CVE-2022-48774Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will le
- CVE-2022-48773Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries f
- CVE-2023-52886Jul 16, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr
- CVE-2023-52885Jul 14, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis
- CVE-2024-40994Jul 12, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this.
- CVE-2024-40989Jul 12, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu.
- CVE-2024-40956Jul 12, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed
- CVE-2024-40954Jul 12, 2024affected < 5.14.21-150400.24.128.1.150400.24.62.1fixed 5.14.21-150400.24.128.1.150400.24.62.1
In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: * attaching an fentry probe to __sock_release() and the probe calling the bpf_get_socket_
Page 60 of 96