rpm package

suse/kernel-rt_debug&distro=SUSE Linux Enterprise Real Time 12 SP5

pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Vulnerabilities (1,429)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-47250		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) h
CVE-2021-47249		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rds_recvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rds_recvmsg(struct socket sock, struct msghdr msg, size_t size, int m
CVE-2021-47248		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but u
CVE-2021-47246		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix page reclaim for dead peer hairpin When adding a hairpin flow, a firmware-side send queue is created for the peer net device, which claims some host memory pages for its internal ring buffer. If
CVE-2021-47245		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP option parser in synproxy (synproxy_parse_options) could read one byte out of bounds. When the length is 1, the execution flow gets into t
CVE-2021-47239		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind") fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, whi
CVE-2021-47238		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in ip_mc_add1_src BUG: memory leak unreferenced object 0xffff888101bc4c00 (size 32): comm "syz-executor527", pid 360, jiffies 4294807421 (age 19.329s) hex dump (first 32 bytes):
CVE-2021-47237		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and
CVE-2021-47236		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it
CVE-2021-47235		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev dev) { ... struct ec_bhf_priv priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net
CVE-2021-47231		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: fix memory leak in mcba_usb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usb_coherent. In mcba_usb_start() 20 coherent buffers
CVE-2021-47229		—	< 4.12.14-10.188.1	4.12.14-10.188.1	May 21, 2024	In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not yet completed (which is indicated by value 1 in PIO
CVE-2024-36004	Med	5.5	< 4.12.14-10.197.1	4.12.14-10.197.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being trigg
CVE-2024-35997	Med	5.5	< 4.12.14-10.191.1	4.12.14-10.191.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking
CVE-2024-35984	Med	5.5	< 4.12.14-10.188.1	4.12.14-10.188.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one transfer function always being availa
CVE-2024-35982	Med	5.5	< 4.12.14-10.188.1	4.12.14-10.188.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments
CVE-2024-35978	Med	5.5	< 4.12.14-10.197.1	4.12.14-10.197.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.
CVE-2024-35976	Med	6.7	< 4.12.14-10.191.1	4.12.14-10.191.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM\|COMPLETION}_FILL_RING syzbot reported an illegal copy in xsk_setsockopt() [1] Make sure to validate setsockopt() @optlen parameter. [1] BUG: KASAN: slab-out-of-bounds
CVE-2024-35969	Med	5.5	< 4.12.14-10.188.1	4.12.14-10.188.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it still means hlist_for_each_entry_rcu can return an item that got removed f
CVE-2024-35967	Hig	7.1	< 4.12.14-10.197.1	4.12.14-10.197.1	May 20, 2024	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset inc

CVE-2021-47250May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) h
CVE-2021-47249May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rds_recvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rds_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, int m
CVE-2021-47248May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but u
CVE-2021-47246May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix page reclaim for dead peer hairpin When adding a hairpin flow, a firmware-side send queue is created for the peer net device, which claims some host memory pages for its internal ring buffer. If
CVE-2021-47245May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP option parser in synproxy (synproxy_parse_options) could read one byte out of bounds. When the length is 1, the execution flow gets into t
CVE-2021-47239May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind") fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, whi
CVE-2021-47238May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in ip_mc_add1_src BUG: memory leak unreferenced object 0xffff888101bc4c00 (size 32): comm "syz-executor527", pid 360, jiffies 4294807421 (age 19.329s) hex dump (first 32 bytes):
CVE-2021-47237May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and
CVE-2021-47236May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it
CVE-2021-47235May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev *dev) { ... struct ec_bhf_priv *priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net
CVE-2021-47231May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: fix memory leak in mcba_usb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usb_coherent. In mcba_usb_start() 20 coherent buffers
CVE-2021-47229May 21, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not yet completed (which is indicated by value 1 in PIO
CVE-2024-36004MedMay 20, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being trigg
CVE-2024-35997MedMay 20, 2024
affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking
CVE-2024-35984MedMay 20, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one transfer function always being availa
CVE-2024-35982MedMay 20, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be resized to fit inside all fragments
CVE-2024-35978MedMay 20, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.
CVE-2024-35976MedMay 20, 2024
affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING syzbot reported an illegal copy in xsk_setsockopt() [1] Make sure to validate setsockopt() @optlen parameter. [1] BUG: KASAN: slab-out-of-bounds
CVE-2024-35969MedMay 20, 2024
affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr Although ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it still means hlist_for_each_entry_rcu can return an item that got removed f
CVE-2024-35967HigMay 20, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset inc

Page 26 of 72