rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,394)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47498 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updati | ||
| CVE-2021-47497 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic *p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0); will become undefined behavi | ||
| CVE-2021-47496 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, | ||
| CVE-2021-47495 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up. V2: fixed typo in log and stylistic issues | ||
| CVE-2021-47494 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix management registrations locking The management registrations locking was broken, the list was locked for each wdev, but cfg80211_mgmt_registrations_update() iterated it without holding all the co | ||
| CVE-2021-47493 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix race between searching chunks and release journal_head from buffer_head Encountered a race between ocfs2_test_bg_bit_allocatable() and jbd2_journal_put_journal_head() resulting in the below vmcore. | ||
| CVE-2021-47485 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all t | ||
| CVE-2021-47483 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcache_rbtree_exit() In regcache_rbtree_insert_to_block(), when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode->block' will be freed, so 'rbnode | ||
| CVE-2021-47482 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling bata | ||
| CVE-2021-47480 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SC | ||
| CVE-2021-47478 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofs_read_inode() can read data beyond the end of buffer. Sanity-check the directory entry length before using it | ||
| CVE-2021-47473 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change: bsg_j | ||
| CVE-2021-47468 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The followi | ||
| CVE-2021-47465 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became idle_kvm_start_guest(). The old code allocate | ||
| CVE-2021-47464 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: audit: fix possible null-pointer dereference in audit_filter_rules Fix possible null-pointer dereference in audit_filter_rules. audit_filter_rules() error: we previously assumed 'ctx' could be null | ||
| CVE-2021-47460 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode f | ||
| CVE-2021-47458 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Probl | ||
| CVE-2021-47456 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will cause UAF. Fix this by releasing 'dev' later. The following log reveals it: [ | ||
| CVE-2021-47451 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value Currently, when the rule related to IDLETIMER is added, idletimer_tg timer structure is initialized by kmalloc on executing idlet | ||
| CVE-2021-47445 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only |
- CVE-2021-47498May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updati
- CVE-2021-47497May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic *p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0); will become undefined behavi
- CVE-2021-47496May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance,
- CVE-2021-47495May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket maxpacket of 0 makes no sense and oopses as we need to divide by it. Give up. V2: fixed typo in log and stylistic issues
- CVE-2021-47494May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix management registrations locking The management registrations locking was broken, the list was locked for each wdev, but cfg80211_mgmt_registrations_update() iterated it without holding all the co
- CVE-2021-47493May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix race between searching chunks and release journal_head from buffer_head Encountered a race between ocfs2_test_bg_bit_allocatable() and jbd2_journal_put_journal_head() resulting in the below vmcore.
- CVE-2021-47485May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all t
- CVE-2021-47483May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: regmap: Fix possible double-free in regcache_rbtree_exit() In regcache_rbtree_insert_to_block(), when 'present' realloc failed, the 'blk' which is supposed to assign to 'rbnode->block' will be freed, so 'rbnode
- CVE-2021-47482May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem was in wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling bata
- CVE-2021-47480May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SC
- CVE-2021-47478May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofs_read_inode() can read data beyond the end of buffer. Sanity-check the directory entry length before using it
- CVE-2021-47473May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change: bsg_j
- CVE-2021-47468May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The followi
- CVE-2021-47465May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became idle_kvm_start_guest(). The old code allocate
- CVE-2021-47464May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: audit: fix possible null-pointer dereference in audit_filter_rules Fix possible null-pointer dereference in audit_filter_rules. audit_filter_rules() error: we previously assumed 'ctx' could be null
- CVE-2021-47460May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode f
- CVE-2021-47458May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Probl
- CVE-2021-47456May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will cause UAF. Fix this by releasing 'dev' later. The following log reveals it: [
- CVE-2021-47451May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value Currently, when the rule related to IDLETIMER is added, idletimer_tg timer structure is initialized by kmalloc on executing idlet
- CVE-2021-47445May 22, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereference on pointer edp The initialization of pointer dev dereferences pointer edp before edp is null checked, so there is a potential null pointer deference issue. Fix this by only
Page 47 of 70