rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (2,256)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-53176 | — | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can race with various cached directory operations, which ultimately re | ||
| CVE-2024-53174 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show The function `c_show` was called with protection from RCU. This only ensures that `cp` will not be freed. Therefore, the reference count for `cp` can drop | ||
| CVE-2024-53173 | — | < 5.14.21-150500.55.97.1 | 5.14.21-150500.55.97.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs | ||
| CVE-2024-53171 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit After an insertion in TNC, the tree might split and cause a node to change its `znode->parent`. A further deletion of other nodes in the tree (w | ||
| CVE-2024-53169 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may l | ||
| CVE-2024-53168 | — | < 5.14.21-150500.55.110.1 | 5.14.21-150500.55.110.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID | ||
| CVE-2024-53164 | — | < 5.14.21-150500.55.116.1 | 5.14.21-150500.55.116.1 | Dec 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t | ||
| CVE-2024-53151 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: > Commit 78147ca8b4a9 ("svcrdma: Add a "parsed chunk list" data > structure") from Jun 22, 2020 (linux-next), leads to the following > Smatch static c | ||
| CVE-2024-53148 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remap_pfn_range() calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop the buffer reference with | ||
| CVE-2024-53144 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ | ||
| CVE-2024-53141 | — | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Dec 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f | ||
| CVE-2024-53138 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of get_page() and page_ref_inc() APIs to increment the page reference. But on the release path (mlx5e_ktls_tx_handle_resy | ||
| CVE-2024-53135 | — | < 5.14.21-150500.55.97.1 | 5.14.21-150500.55.97.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK | ||
| CVE-2024-53129 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fix a dereferenced before check warning The 'state' can't be NULL, we should check crtc_state. Fix warning: drivers/gpu/drm/rockchip/rockchip_drm_vop.c:1096 vop_plane_atomic_async_check() wa | ||
| CVE-2024-53127 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") increased the max_req_size, even for 4K pages, causing | ||
| CVE-2024-53125 | — | < 5.14.21-150500.55.113.1 | 5.14.21-150500.55.113.1 | Dec 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set: | ||
| CVE-2024-53124 | Med | 4.7 | < 5.14.21-150500.55.100.1 | 5.14.21-150500.55.100.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules | |
| CVE-2024-53121 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and | ||
| CVE-2024-53112 | — | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra | ||
| CVE-2024-53104 | — | KEV | < 5.14.21-150500.55.94.1 | 5.14.21-150500.55.94.1 | Dec 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra |
- CVE-2024-53176Dec 27, 2024affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can race with various cached directory operations, which ultimately re
- CVE-2024-53174Dec 27, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show The function `c_show` was called with protection from RCU. This only ensures that `cp` will not be freed. Therefore, the reference count for `cp` can drop
- CVE-2024-53173Dec 27, 2024affected < 5.14.21-150500.55.97.1fixed 5.14.21-150500.55.97.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs
- CVE-2024-53171Dec 27, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit After an insertion in TNC, the tree might split and cause a node to change its `znode->parent`. A further deletion of other nodes in the tree (w
- CVE-2024-53169Dec 27, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may l
- CVE-2024-53168Dec 27, 2024affected < 5.14.21-150500.55.110.1fixed 5.14.21-150500.55.110.1
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID
- CVE-2024-53164Dec 27, 2024affected < 5.14.21-150500.55.116.1fixed 5.14.21-150500.55.116.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t
- CVE-2024-53151Dec 24, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: > Commit 78147ca8b4a9 ("svcrdma: Add a "parsed chunk list" data > structure") from Jun 22, 2020 (linux-next), leads to the following > Smatch static c
- CVE-2024-53148Dec 24, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remap_pfn_range() calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop the buffer reference with
- CVE-2024-53144Dec 17, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always requ
- CVE-2024-53141Dec 6, 2024affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f
- CVE-2024-53138Dec 4, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of get_page() and page_ref_inc() APIs to increment the page reference. But on the release path (mlx5e_ktls_tx_handle_resy
- CVE-2024-53135Dec 4, 2024affected < 5.14.21-150500.55.97.1fixed 5.14.21-150500.55.97.1
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK
- CVE-2024-53129Dec 4, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fix a dereferenced before check warning The 'state' can't be NULL, we should check crtc_state. Fix warning: drivers/gpu/drm/rockchip/rockchip_drm_vop.c:1096 vop_plane_atomic_async_check() wa
- CVE-2024-53127Dec 4, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") increased the max_req_size, even for 4K pages, causing
- CVE-2024-53125Dec 4, 2024affected < 5.14.21-150500.55.113.1fixed 5.14.21-150500.55.113.1
In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set:
- affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1
In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules
- CVE-2024-53121Dec 2, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and
- CVE-2024-53112Dec 2, 2024affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra
- affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra
Page 108 of 113