rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.1
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
Vulnerabilities (1,237)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-35895 | Med | 5.5 | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in | |
| CVE-2024-35914 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th | ||
| CVE-2024-35878 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr | ||
| CVE-2024-35864 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35863 | — | < 5.3.18-150300.202.1 | 5.3.18-150300.202.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35862 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35861 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2023-52686 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. | ||
| CVE-2024-35811 | Med | 5.5 | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following | |
| CVE-2024-35789 | Hig | 7.8 | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c | |
| CVE-2024-27413 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In | ||
| CVE-2024-27397 | Hig | 7.0 | < 5.3.18-150300.214.1 | 5.3.18-150300.214.1 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate | |
| CVE-2024-27398 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection | ||
| CVE-2023-52655 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T | ||
| CVE-2023-52654 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_gener | ||
| CVE-2022-48704 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b | ||
| CVE-2022-48695 | — | < 5.3.18-150300.169.1 | 5.3.18-150300.169.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c | ||
| CVE-2022-48702 | — | < 5.3.18-150300.169.1 | 5.3.18-150300.169.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a | ||
| CVE-2022-48701 | — | < 5.3.18-150300.169.1 | 5.3.18-150300.169.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun | ||
| CVE-2022-48693 | — | < 5.3.18-150300.169.1 | 5.3.18-150300.169.1 | May 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks (2) we need to add |
- affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in
- CVE-2024-35914May 19, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th
- CVE-2024-35878May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr
- CVE-2024-35864May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35863May 19, 2024affected < 5.3.18-150300.202.1fixed 5.3.18-150300.202.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35862May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35861May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2023-52686May 17, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
- affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following
- affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c
- CVE-2024-27413May 17, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In
- affected < 5.3.18-150300.214.1fixed 5.3.18-150300.214.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate
- CVE-2024-27398May 13, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge whether the sco disconnection
- CVE-2023-52655May 13, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as some very large value. T
- CVE-2023-52654May 9, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_gener
- CVE-2022-48704May 3, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lockup work queue may not b
- CVE-2022-48695May 3, 2024affected < 5.3.18-150300.169.1fixed 5.3.18-150300.169.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcount_t: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c
- CVE-2022-48702May 3, 2024affected < 5.3.18-150300.169.1fixed 5.3.18-150300.169.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_a
- CVE-2022-48701May 3, 2024affected < 5.3.18-150300.169.1fixed 5.3.18-150300.169.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-boun
- CVE-2022-48693May 3, 2024affected < 5.3.18-150300.169.1fixed 5.3.18-150300.169.1
In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks (2) we need to add
Page 46 of 62