VYPR

rpm package

suse/kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3

pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Vulnerabilities (1,468)

  • CVE-2021-46956Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: virtiofs: fix memory leak in virtio_fs_probe() When accidentally passing twice the same tag to qemu, kmemleak ended up reporting a memory leak in virtiofs. Also, looking at the log I saw the following error (t

  • CVE-2021-46955Feb 27, 2024
    affected < 5.3.18-150300.59.161.1fixed 5.3.18-150300.59.161.1

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN

  • CVE-2021-46953Feb 27, 2024
    affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved: ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure When failing the driver probe because of invalid firmware properties, the GTDT driver unmaps the interrupt that it mapped earlier. However

  • CVE-2021-46951Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpm_read_log_efi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efi_tp

  • CVE-2021-46950Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being

  • CVE-2021-46944Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix memory leak in imu_fmt We are losing the reference to an allocated memory if try. Change the order of the check to avoid that.

  • CVE-2021-46943Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix set_fmt error handling If there in an error during a set_fmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating

  • CVE-2021-46939Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back

  • CVE-2021-46938Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails When loading a device-mapper table for a request-based mapped device, and the allocation/initialization of the blk_mq_tag_set for th

  • CVE-2020-36777Feb 27, 2024
    affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: Fix memory leak in dvb_media_device_free() dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn` before setting it to NULL, as documented in include/media/media-device.h: "The m

  • CVE-2021-46934Feb 27, 2024
    affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i

  • CVE-2021-46933Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmou

  • CVE-2021-46932Feb 27, 2024
    affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may hap

  • CVE-2021-46931Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5e_tx_reporter_dump_sq() casts its void * argument to struct mlx5e_txqsq *, but in TX-timeout-recovery flow the argument is actually o

  • CVE-2021-46930Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34

  • CVE-2021-46929Feb 27, 2024
    affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved: sctp: use call_rcu to free endpoint This patch is to delay the endpoint free by calling call_rcu() to fix another use-after-free issue in sctp_sock_dump(): BUG: KASAN: use-after-free in __lock_acquire+0x36d9

  • CVE-2021-46924Feb 27, 2024
    affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2

    In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca: Fix memory leak in device probe and remove 'phy->pending_skb' is alloced when device probe, but forgot to free in the error handling path and remove path, this cause memory leak as follows: unre

  • CVE-2021-46922Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix TPM reservation for seal/unseal The original patch 8c657a0590de ("KEYS: trusted: Reserve TPM for seal and unseal operations") was correct on the mailing list: https://lore.kernel.org/linux-i

  • CVE-2021-46921Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. The writer side loops checking the va

  • CVE-2021-46920Feb 27, 2024
    affected < 5.3.18-150300.59.158.1fixed 5.3.18-150300.59.158.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the

Page 59 of 74