rpm package
suse/kernel-livepatch-SLE15-SP3_Update_43&distro=SUSE Linux Enterprise Live Patching 15 SP3
pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_43&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
Vulnerabilities (192)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47180 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xfff | ||
| CVE-2021-47179 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_rang | ||
| CVE-2021-47177 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors. | ||
| CVE-2021-47176 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: add missing discipline function Fix crash with illegal operation exception in dasd_device_tasklet. Commit b72949328869 ("s390/dasd: Prepare for additional path event handling") renamed the verify_pat | ||
| CVE-2021-47175 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall | ||
| CVE-2021-47174 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version Arturo reported this backtrace: [709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_be | ||
| CVE-2021-47173 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced | ||
| CVE-2021-47172 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug | ||
| CVE-2021-47171 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall | ||
| CVE-2021-47170 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. | ||
| CVE-2021-47169 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if th | ||
| CVE-2021-47168 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->dat | ||
| CVE-2021-47167 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change th | ||
| CVE-2021-47166 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list. | ||
| CVE-2021-47165 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl | ||
| CVE-2021-47164 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is witho | ||
| CVE-2021-47161 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem | ||
| CVE-2021-47160 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge v | ||
| CVE-2021-47153 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunate | ||
| CVE-2021-47150 | — | < 1-150300.7.3.5 | 1-150300.7.3.5 | Mar 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory |
- CVE-2021-47180Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xfff
- CVE-2021-47179Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_rang
- CVE-2021-47177Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors.
- CVE-2021-47176Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: add missing discipline function Fix crash with illegal operation exception in dasd_device_tasklet. Commit b72949328869 ("s390/dasd: Prepare for additional path event handling") renamed the verify_pat
- CVE-2021-47175Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall
- CVE-2021-47174Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version Arturo reported this backtrace: [709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_be
- CVE-2021-47173Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced
- CVE-2021-47172Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug
- CVE-2021-47171Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall
- CVE-2021-47170Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.
- CVE-2021-47169Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if th
- CVE-2021-47168Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->dat
- CVE-2021-47167Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change th
- CVE-2021-47166Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.
- CVE-2021-47165Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl
- CVE-2021-47164Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is witho
- CVE-2021-47161Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem
- CVE-2021-47160Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge v
- CVE-2021-47153Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunate
- CVE-2021-47150Mar 25, 2024affected < 1-150300.7.3.5fixed 1-150300.7.3.5
In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory
Page 3 of 10