VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Vulnerabilities (1,468)

  • CVE-2021-47035 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    iommu/vt-d: Remove WO permissions on second-level paging entries
    When the first level page table is used for IOVA translation, it only supports Read-Only and Read-Write permissions. The Write-Only permission is

  • CVE-2021-47034 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    powerpc/64s: Fix pte update for kernel memory on radix
    When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radix__set_pte_at(

  • CVE-2021-47026 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    RDMA/rtrs-clt: destroy sysfs after removing session from active list
    A session can be removed dynamically by sysfs interface "remove_path" that eventually calls rtrs_clt_remove_path_from_sysfs function. The cu

  • CVE-2021-47017 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    ath10k: Fix a use after free in ath10k_htc_send_bundle
    In ath10k_htc_send_bundle, the bundle_skb could be freed by dev_kfree_skb_any(bundle_skb). But the bundle_skb is used later by bundle_skb->len. As skb_len

  • CVE-2021-47015 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    bnxt_en: Fix RX consumer index logic in the error path.
    In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are

  • CVE-2021-47014 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    net/sched: act_ct: fix wild memory access when clearing fragments
    while testing re-assembly/re-fragmentation using act_ct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-acc

  • CVE-2021-47013 (Feb 28, 2024)
    affected < 5.3.18-150300.59.153.2; fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved:
    net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
    In emac_mac_tx_buf_send, it calls emac_tx_fill_tpd(..,skb,..). If some error happens in emac_tx_fill_tpd(), the skb will be freed via dev_kfree_sk

  • CVE-2021-47012 (Feb 28, 2024)
    affected < 5.3.18-150300.59.153.2; fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved:
    RDMA/siw: Fix a use after free in siw_alloc_mr
    Our code analyzer reported a UAF. In siw_alloc_mr(), it calls siw_mr_add_mem(mr,..). In the implementation of siw_mr_add_mem(), mem is assigned to mr->mem and the

  • CVE-2021-47009 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    KEYS: trusted: Fix memory leak on object td
    Two error return paths are neglecting to free allocated object td, causing a memory leak. Fix this by returning via the error return path that securely kfree's td. F

  • CVE-2021-47006 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
    The commit 1879445dfa7b ("perf/core: Set event's default ::overflow_handler()") set a default event->overflow_handler in perf_

  • CVE-2021-47005 (Feb 28, 2024)
    affected < 5.3.18-150300.59.153.2; fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved:
    PCI: endpoint: Fix NULL pointer dereference for ->get_features()
    get_features ops of pci_epc_ops may return NULL, causing NULL pointer dereference in pci_epf_test_alloc_space function. Let us add a check for pc

  • CVE-2021-47003 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    dmaengine: idxd: Fix potential null dereference on pointer status
    There are calls to idxd_cmd_exec that pass a null status pointer however a recent commit has added an assignment to *status that can end up with

  • CVE-2021-47001 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    xprtrdma: Fix cwnd update ordering
    After a reconnect, the reply handler is opening the cwnd (and thus enabling more RPC Calls to be sent) /before/ rpcrdma_post_recvs() can post enough Receive WRs to receive the

  • CVE-2021-47000 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    ceph: fix inode leak on getattr error in __fh_to_dentry

  • CVE-2021-46998 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
    In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside enic_queue_wq_skb, if some error happens, the skb will be freed by dev_kfree_skb(skb

  • CVE-2021-46992 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    netfilter: nftables: avoid overflows in nft_hash_buckets()
    Number of buckets being stored in 32bit variables, we have to ensure that no overflows occur in nft_hash_buckets()
    syzbot injected a size == 0x4000000

  • CVE-2021-46991 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    i40e: Fix use-after-free in i40e_client_subtask()
    Currently the call to i40e_client_del_instance frees the object pf->cinst, however pf->cinst->lan_info is being accessed after the free. Fix this by adding the

  • CVE-2021-46990 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    powerpc/64s: Fix crashes when toggling entry flush barrier
    The entry flush mitigation can be enabled/disabled at runtime via a debugfs file (entry_flush), which causes the kernel to patch itself to enable/disab

  • CVE-2021-46989 (Feb 28, 2024)
    affected < 5.3.18-150300.59.153.2; fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved:
    hfsplus: prevent corruption in shrinking truncate
    I believe there are some issues introduced by commit 31651c607151 ("hfsplus: avoid deadlock on file truncation") HFS+ has extent records which always contains

  • CVE-2021-46988 (Feb 28, 2024)
    affected < 5.3.18-150300.59.158.1; fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved:
    userfaultfd: release page in error path to avoid BUG_ON
    Consider the following sequence of events:
    1. Userspace issues a UFFD ioctl, which ends up calling into shmem_mfill_atomic_pte(). We successfully acco

Page 57 of 74