rpm package

suse/kernel-source&distro=SUSE Manager Proxy LTS 4.3

pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Proxy%20LTS%204.3

Vulnerabilities (542)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-21971		—	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Apr 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
CVE-2025-21881		—	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Mar 27, 2025	In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000
CVE-2023-52927	Hig	7.8	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Mar 14, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex
CVE-2022-49138		—	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Feb 26, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to
CVE-2024-57947		—	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Jan 23, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
CVE-2023-52923		—	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Jan 20, 2025	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle
CVE-2024-53177		—	< 5.14.21-150400.24.176.1	5.14.21-150400.24.176.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in
CVE-2024-53164		—	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Dec 27, 2024	In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t
CVE-2024-42265	Med	5.5	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Aug 17, 2024	In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec
CVE-2024-26643	Med	5.5	< 5.14.21-150400.24.173.1	5.14.21-150400.24.173.1	Mar 21, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it
CVE-2024-26584		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Feb 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
CVE-2024-26583		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Feb 21, 2024	In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch
CVE-2023-39197		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Jan 23, 2024	An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
CVE-2022-2602		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Jan 8, 2024	io_uring UAF, Unix SCM garbage collection
CVE-2023-42753		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Sep 25, 2023	An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
CVE-2023-3772		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Jul 25, 2023	A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s
CVE-2023-31248		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Jul 5, 2023	Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
CVE-2023-28328		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Apr 19, 2023	A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus
CVE-2023-1380		—	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Mar 27, 2023	A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading t
CVE-2022-43945	Hig	7.5	< 5.14.21-150400.24.179.1	5.14.21-150400.24.179.1	Nov 4, 2022	The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c

CVE-2025-21971Apr 1, 2025
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination condition when traversing up the qdisc tree to update parent backlog counters. Howe
CVE-2025-21881Mar 27, 2025
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000
CVE-2023-52927HigMar 14, 2025
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the ex
CVE-2022-49138Feb 26, 2025
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to
CVE-2024-57947Jan 23, 2025
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map sea
CVE-2023-52923Jan 20, 2025
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage colle
CVE-2024-53177Dec 27, 2024
affected < 5.14.21-150400.24.176.1fixed 5.14.21-150400.24.176.1
In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in
CVE-2024-53164Dec 27, 2024
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when t
CVE-2024-42265MedAug 17, 2024
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec
CVE-2024-26643MedMar 21, 2024
affected < 5.14.21-150400.24.173.1fixed 5.14.21-150400.24.173.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it
CVE-2024-26584Feb 21, 2024
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
CVE-2024-26583Feb 21, 2024
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch
CVE-2023-39197Jan 23, 2024
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
CVE-2022-2602Jan 8, 2024
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
io_uring UAF, Unix SCM garbage collection
CVE-2023-42753Sep 25, 2023
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
CVE-2023-3772Jul 25, 2023
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s
CVE-2023-31248Jul 5, 2023
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
CVE-2023-28328Apr 19, 2023
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus
CVE-2023-1380Mar 27, 2023
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading t
CVE-2022-43945HigNov 4, 2022
affected < 5.14.21-150400.24.179.1fixed 5.14.21-150400.24.179.1
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client c

Page 27 of 28