VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.1

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Vulnerabilities (1,237)

  • CVE-2021-47595Jun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7

  • CVE-2021-47589Jun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, and then to label err_ioremap. In free_netdev() which is just below label err_iore

  • CVE-2021-47583Jun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutex_init() location Syzbot reported, that mxl111sf_ctrl_msg() uses uninitialized mutex. The problem was in wrong mutex_init() location. Previous mutex_init(&state->msg_lock) call was

  • CVE-2021-47580Jun 19, 2024
    affected < 5.3.18-150300.178.1fixed 5.3.18-150300.178.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va

  • CVE-2021-47576Jun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40

  • CVE-2024-38560HigJun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that

  • CVE-2024-38559MedJun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t

  • CVE-2024-38545Jun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xa_loc

  • CVE-2024-38541Jun 19, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not

  • CVE-2024-36978HigJun 19, 2024
    affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1

    In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw

  • CVE-2024-36974HigJun 18, 2024
    affected < 5.3.18-150300.178.1fixed 5.3.18-150300.178.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the k

  • CVE-2024-36971KEVJun 10, 2024
    affected < 5.3.18-150300.191.1fixed 5.3.18-150300.191.1

    In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca

  • CVE-2024-36964Jun 3, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s

  • CVE-2024-36940HigMay 30, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei

  • CVE-2024-36904HigMay 30, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat

  • CVE-2024-36894MedMay 30, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() callback to dequeue pending USB requests submitted to the UDC. There is a scenario

  • CVE-2023-52881May 29, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The

  • CVE-2023-52880May 24, 2024
    affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1

    In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM

  • CVE-2021-47571May 24, 2024
    affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1

    In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that.

  • CVE-2021-47565May 24, 2024
    affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object

Page 37 of 62