suse/kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5

Vulnerabilities (2,310)

• CVE-2024-36933May 30, 2024
  affected < 5.14.21-150500.55.133.1fixed 5.14.21-150500.55.133.1

  In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and links) by a crafted GSO packet of VIRTIO_NET_HDR_GSO_UDP layering the following p

• CVE-2024-36915May 30, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies syzbot reported unsafe calls to copy_from_sockptr() [1] Use copy_safe_from_sockptr() instead. [1] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset

• CVE-2021-47557May 24, 2024
  affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't peek at classes beyond 'nbands' when the number of DRR classes decreases, the round-robin active list can contain elements that have already been freed in ets_qdisc_change(). As a cons

• CVE-2021-47517May 24, 2024
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations co

• CVE-2023-52874May 21, 2024
  affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

  In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be clea

• CVE-2024-35840May 17, 2024
  affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

  In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp

• CVE-2024-27397HigMay 14, 2024
  affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate

• CVE-2024-26935MedMay 1, 2024
  affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a

• CVE-2024-26943May 1, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: handle kcalloc() allocation failure The kcalloc() in nouveau_dmem_evict_chunk() will return null if the physical memory has run out. As a result, if we dereference src_pfns, dst_pfns or dma_addrs,

• CVE-2024-26924Apr 24, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... ad

• CVE-2024-26886Apr 17, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of using sock_sock this uses sk_receive_queue.lock on bt_sock_ioctl to avoid the UAF:

• CVE-2024-26832Apr 17, 2024
  affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

  In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not inva

• CVE-2021-47202Apr 10, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in of_thermal_ functions of_parse_thermal_zones() parses the thermal-zones node and registers a thermal_zone device for each subnode. However, if a thermal zone is consumi

• CVE-2024-26808Apr 4, 2024
  affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic

• CVE-2024-26804Apr 4, 2024
  affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

  In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr

• CVE-2024-26758Apr 3, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't

• CVE-2024-26661Apr 2, 2024
  affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg

• CVE-2024-26643MedMar 21, 2024
  affected < 5.14.21-150500.55.116.1fixed 5.14.21-150500.55.116.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it

• CVE-2024-26634Mar 18, 2024
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunde

• CVE-2023-52572Mar 2, 2024
  affected < 5.14.21-150500.55.97.1fixed 5.14.21-150500.55.97.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/