VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Vulnerabilities (1,483)

  • CVE-2021-47181Apr 10, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.

  • CVE-2024-26816MedApr 10, 2024
    affected < 5.3.18-150300.59.161.1fixed 5.3.18-150300.59.161.1

    In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us

  • CVE-2024-26800Apr 4, 2024
    affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed.

  • CVE-2024-26744Apr 3, 2024
    affected < 5.3.18-150300.59.161.1fixed 5.3.18-150300.59.161.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter Make loading ib_srpt with this parameter set work. The current behavior is that setting that parameter while loading the ib_srpt kernel module trigg

  • CVE-2024-26739Apr 3, 2024
    affected < 5.3.18-150300.59.161.1fixed 5.3.18-150300.59.161.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod

  • CVE-2024-26733Apr 3, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr

  • CVE-2024-26704Apr 3, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat

  • CVE-2024-26689Apr 3, 2024
    affected < 5.3.18-150300.59.161.1fixed 5.3.18-150300.59.161.1

    In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in encode_cap_msg(), "use after free" error was caught by KASAN at this line - 'ceph_buffer_get(arg->xattr_buf);'. This implies before the ref

  • CVE-2024-26688Apr 3, 2024
    affected < 5.3.18-150300.59.161.1fixed 5.3.18-150300.59.161.1

    In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigni

  • CVE-2023-52628Mar 28, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c

  • CVE-2021-47180Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xfff

  • CVE-2021-47179Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_rang

  • CVE-2021-47177Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors.

  • CVE-2021-47176Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: s390/dasd: add missing discipline function Fix crash with illegal operation exception in dasd_device_tasklet. Commit b72949328869 ("s390/dasd: Prepare for additional path event handling") renamed the verify_pat

  • CVE-2021-47175Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall

  • CVE-2021-47174Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version Arturo reported this backtrace: [709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_be

  • CVE-2021-47173Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced

  • CVE-2021-47172Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug

  • CVE-2021-47171Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [] kmall

  • CVE-2021-47170Mar 25, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.

Page 52 of 75