suse/kernel-rt&distro=SUSE Linux Enterprise Micro 5.3

Vulnerabilities (2,986)

• CVE-2024-58014HigFeb 27, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN() instead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.

• CVE-2025-21791Feb 27, 2025
  affected < 5.14.21-150400.15.118.1fixed 5.14.21-150400.15.118.1

  In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdev_l3_out() l3mdev_l3_out() can be called without RCU being held: raw_sendmsg() ip_push_pending_frames() ip_send_skb() ip_local_out() __ip_local_out() l3mdev_ip_ou

• CVE-2025-21785Feb 27, 2025
  affected < 5.14.21-150400.15.118.1fixed 5.14.21-150400.15.118.1

  In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate

• CVE-2025-21780Feb 27, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set

• CVE-2025-21726HigFeb 27, 2025
  affected < 5.14.21-150400.15.118.1fixed 5.14.21-150400.15.118.1

  In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorder_work Although the previous patch can avoid ps and ps UAF for _do_serial, it can not avoid potential UAF issue for reorder_work. This issue can happen just as below: crypto_request

• CVE-2024-57996MedFeb 27, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixe

• CVE-2025-21738Feb 27, 2025
  affected < 5.14.21-150400.15.145.1fixed 5.14.21-150400.15.145.1

  In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA com

• CVE-2025-21732Feb 27, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error This patch addresses a race condition for an ODP MR that can result in a CQE with an error on the UMR QP. During the __mlx5_ib_dereg_mr() flow,

• CVE-2025-21718Feb 27, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN

• CVE-2025-21714Feb 27, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using __xa_cmpxchg() to make sure this is the only time we are destroying this specific mr. Without this ch

• CVE-2024-57999Feb 27, 2025
  affected < 5.14.21-150400.15.124.1fixed 5.14.21-150400.15.124.1

  In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW Power Hypervisor can possibily allocate MMIO window intersecting with Dynamic DMA Window (DDW) range, which is over 32-bit addressing. These MMI

• CVE-2022-49158MedFeb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix warning message due to adisc being flushed Fix warning message due to adisc being flushed. Linux kernel triggered a warning message where a different error code type is not matching up with

• CVE-2022-49135MedFeb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak [why] Resource release is needed on the error handling path to prevent memory leak. [how] Fix this by adding kfree on the error handling path.

• CVE-2022-49731Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() In an unlikely (and probably wrong?) case that the 'ppi' parameter of ata_host_alloc_pinfo() points to an array starting with a NULL pointer, t

• CVE-2022-49729Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetooth: btusb: Fix memory leak in play_deferred"), we thought a patch might be needed

• CVE-2022-49726Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use

• CVE-2022-49725Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setup_tx_descriptors After PF reset and ethtool -t there was call trace in dmesg sometimes leading to panic. When there was some time, around 5 seconds, between reset and test there were

• CVE-2022-49724Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: tty: goldfish: Fix free_irq() on remove Pass the correct dev_id to free_irq() to fix this splat when the driver is unbound: WARNING: CPU: 0 PID: 30 at kernel/irq/manage.c:1895 free_irq Trying to free already

• CVE-2022-49723Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_read when there is no i915_gpu_coredump but buf offset is non-zero. This fixes a kernel page fault can happen w

• CVE-2022-49722Feb 26, 2025
  affected < 5.14.21-150400.15.115.1fixed 5.14.21-150400.15.115.1

  In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory corruption in VF driver Disable VF's RX/TX queues, when it's disabled. VF can have queues enabled, when it requests a reset. If PF driver assumes that VF is disabled, while VF still has queues c