suse/kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

Vulnerabilities (2,830)

• CVE-2021-47099Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: veth: ensure skb entering GRO are not cloned. After commit d3256efd8e8b ("veth: allow enabling NAPI even without XDP"), if GRO is enabled on a veth device and TSO is disabled on the peer device, TCP skbs will g

• CVE-2021-47098Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of temperature calculations") addressed a number of underflow situation

• CVE-2021-47097Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id() The array param[] in elantech_change_report_id() must be at least 3 bytes, because elantech_read_reg_params() is calling ps2_comman

• CVE-2021-47096Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation.

• CVE-2021-47095Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: initialize ssif_info->client early During probe ssif_info->client is dereferenced in error path. However, it is set when some of the error checking has already been done. This causes following kerne

• CVE-2021-47094Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmu_lock in the TDP MMU, restart the iterator during tdp_iter_next() and do not advance the iterator. Advancing the iterator re

• CVE-2021-47093Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel_pmc_core: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platform_device_put() to p

• CVE-2021-47091Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: mac80211: fix locking in ieee80211_start_ap error path We need to hold the local->mtx to release the channel context, as even encoded by the lockdep_assert_held() there. Fix it.

• CVE-2021-47087Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this p

• CVE-2021-47083Mar 4, 2024
  affected < 5.14.21-150400.24.111.1fixed 5.14.21-150400.24.111.1

  In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix global-out-of-bounds issue When eint virtual eint number is greater than gpio number, it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.

• CVE-2021-47082Mar 4, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tun_free_netdev Avoid double free in tun_free_netdev() by moving the dev->tstats and tun->security allocs to a new ndo_init routine (tun_net_init()) that will be called by register_net

• CVE-2024-26622Mar 4, 2024
  affected < 5.14.21-150400.24.111.1fixed 5.14.21-150400.24.111.1

  In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Ot

• CVE-2023-52582Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: netfs: Only call folio_start_fscache() one time for each folio If a network filesystem using netfs implements a clamp_length() function, it can set subrequest lengths smaller than a page size. When we loop thr

• CVE-2023-52576Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() The code calling ima_free_kexec_buffer() runs long after the memblock allocator has already been torn down, potentially resulting in a u

• CVE-2023-52574Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer [1]. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlan_dev_hard_he

• CVE-2023-52572Mar 2, 2024
  affected < 5.14.21-150400.24.153.1fixed 5.14.21-150400.24.153.1

  In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/

• CVE-2023-52569Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG() after failure to insert delayed dir index item Instead of calling BUG() when we fail to insert a delayed dir index item into the delayed node's tree, we can just release all the resources we

• CVE-2023-52567Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: serial: 8250_port: Check IRQ data before use In case the leaf driver wants to use IRQ polling (irq = 0) and IIR register shows that an interrupt happened in the 8250 hardware the IRQ data can be NULL. In such a

• CVE-2023-52566Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails.

• CVE-2023-52564Mar 2, 2024
  affected < 5.14.21-150400.24.116.1fixed 5.14.21-150400.24.116.1

  In the Linux kernel, the following vulnerability has been resolved: Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" This reverts commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The commit above is reverted as it did not solve the original issue. gsm_cleanup_mux() tries to fr