VYPR

rpm package

suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.3

pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Vulnerabilities (2,986)

  • CVE-2021-46926Feb 27, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where th

  • CVE-2021-46925Feb 27, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A crash occurs when smc_cdc_tx_handler() tries to access smc_sock but smc_release() has already freed it. [ 4570.695099] BUG: unable to handle page fault fo

  • CVE-2021-46924Feb 27, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre

  • CVE-2021-46923Feb 27, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took

  • CVE-2023-52474Feb 26, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests hfi1 user SDMA request processing has two bugs that can cause data corruption for user SDMA requests that have multiple payload iovecs whe

  • CVE-2019-25162Feb 26, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde

  • CVE-2022-48626Feb 25, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and

  • CVE-2023-52470Feb 25, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.

  • CVE-2023-52469Feb 25, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t

  • CVE-2023-52467Feb 25, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

  • CVE-2024-26603Feb 24, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user

  • CVE-2024-26602Feb 24, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize

  • CVE-2024-26601Feb 24, 2024
    affected < 5.14.21-150400.15.79.1fixed 5.14.21-150400.15.79.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod

  • CVE-2024-26600Feb 24, 2024
    affected < 5.14.21-150400.15.76.1fixed 5.14.21-150400.15.76.1

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et

  • CVE-2024-26598Feb 23, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DI

  • CVE-2024-26595Feb 23, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer

  • CVE-2023-52464Feb 23, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx

  • CVE-2023-52463Feb 23, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as

  • CVE-2023-52457Feb 23, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return

  • CVE-2023-52456Feb 23, 2024
    affected < 5.14.21-150400.15.71.1fixed 5.14.21-150400.15.71.1

    In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th

Page 136 of 150