rpm package
suse/kernel-livepatch-SLE15-SP2_Update_47&distro=SUSE Linux Enterprise Live Patching 15 SP2
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_47&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2
Vulnerabilities (135)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47189 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same thread which executed the normal work functions. The only way execution be | ||
| CVE-2021-47185 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound | ||
| CVE-2021-47183 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL | ||
| CVE-2021-47181 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. | ||
| CVE-2024-26733 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr | ||
| CVE-2024-26704 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat | ||
| CVE-2023-52628 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c | ||
| CVE-2021-47180 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xfff | ||
| CVE-2021-47179 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_rang | ||
| CVE-2021-47177 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors. | ||
| CVE-2021-47173 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced | ||
| CVE-2021-47172 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug | ||
| CVE-2021-47171 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall | ||
| CVE-2021-47170 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. | ||
| CVE-2021-47169 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if th | ||
| CVE-2021-47168 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->dat | ||
| CVE-2021-47167 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change th | ||
| CVE-2021-47166 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list. | ||
| CVE-2021-47165 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl | ||
| CVE-2021-47161 | — | < 1-150200.5.3.3 | 1-150200.5.3.3 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem |
- CVE-2021-47189Apr 10, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same thread which executed the normal work functions. The only way execution be
- CVE-2021-47185Apr 10, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound
- CVE-2021-47183Apr 10, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL
- CVE-2021-47181Apr 10, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
- CVE-2024-26733Apr 3, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr
- CVE-2024-26704Apr 3, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat
- CVE-2023-52628Mar 28, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c
- CVE-2021-47180Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xfff
- CVE-2021-47179Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_rang
- CVE-2021-47177Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors.
- CVE-2021-47173Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced
- CVE-2021-47172Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug
- CVE-2021-47171Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall
- CVE-2021-47170Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.
- CVE-2021-47169Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if th
- CVE-2021-47168Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->dat
- CVE-2021-47167Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change th
- CVE-2021-47166Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.
- CVE-2021-47165Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl
- CVE-2021-47161Mar 25, 2024affected < 1-150200.5.3.3fixed 1-150200.5.3.3
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem
Page 2 of 7