VYPR

rpm package

suse/kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Vulnerabilities (2,318)

  • CVE-2021-47202Apr 10, 2024
    affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in of_thermal_ functions of_parse_thermal_zones() parses the thermal-zones node and registers a thermal_zone device for each subnode. However, if a thermal zone is consumi

  • CVE-2024-26808Apr 4, 2024
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic

  • CVE-2024-26804Apr 4, 2024
    affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1

    In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr

  • CVE-2024-26758Apr 3, 2024
    affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

    In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't

  • CVE-2024-26661Apr 2, 2024
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg

  • CVE-2024-26643MedMar 21, 2024
    affected < 5.14.21-150500.55.116.1fixed 5.14.21-150500.55.116.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it

  • CVE-2024-26634Mar 18, 2024
    affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get "refunde

  • CVE-2023-52572Mar 2, 2024
    affected < 5.14.21-150500.55.97.1fixed 5.14.21-150500.55.97.1

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/

  • CVE-2024-26584Feb 21, 2024
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

  • CVE-2024-26583Feb 21, 2024
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch

  • CVE-2024-26581Feb 20, 2024
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not

  • CVE-2023-52433Feb 20, 2024
    affected < 5.14.21-150500.55.136.1fixed 5.14.21-150500.55.136.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path mig

  • CVE-2024-24860Feb 5, 2024
    affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

    A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

  • CVE-2023-39197Jan 23, 2024
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.

  • CVE-2022-2602Jan 8, 2024
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    io_uring UAF, Unix SCM garbage collection

  • CVE-2022-2586KEVJan 8, 2024
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.

  • CVE-2022-2585Jan 8, 2024
    affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1

    It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

  • CVE-2023-1192Nov 1, 2023
    affected < 5.14.21-150500.55.97.1fixed 5.14.21-150500.55.97.1

    A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access

  • CVE-2023-42753Sep 25, 2023
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss

  • CVE-2023-3772Jul 25, 2023
    affected < 5.14.21-150500.55.124.1fixed 5.14.21-150500.55.124.1

    A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s