rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,394)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47241 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation Outer nest for ETHTOOL_A_STRSET_STRINGSETS is not accounted for. This may result in ETHTOOL_MSG_STRSET_GET producing a warning like: calculated message paylo | ||
| CVE-2021-47240 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix OOB Read in qrtr_endpoint_post Syzbot reported slab-out-of-bounds Read in qrtr_endpoint_post. The problem was in wrong _size_ type: if (len != ALIGN(size, 4) + hdrlen) goto err; If size from | ||
| CVE-2021-47239 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind") fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, whi | ||
| CVE-2021-47237 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and | ||
| CVE-2021-47236 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it | ||
| CVE-2021-47235 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev *dev) { ... struct ec_bhf_priv *priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net | ||
| CVE-2021-47231 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: fix memory leak in mcba_usb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usb_coherent. In mcba_usb_start() 20 coherent buffers | ||
| CVE-2021-47230 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared Immediately reset the MMU context when the vCPU's SMM flag is cleared so that the SMM flag in the MMU role is always synchronized with th | ||
| CVE-2021-47229 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not yet completed (which is indicated by value 1 in PIO | ||
| CVE-2021-47228 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. In order for this memory to not be re-used by the kernel after ExitBootServices(), | ||
| CVE-2021-47227 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Prevent state corruption in __fpu__restore_sig() The non-compacted slowpath uses __copy_from_user() and copies the entire user buffer into the kernel buffer, verbatim. This means that the kernel buffe | ||
| CVE-2024-35950 | Med | 5.5 | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo | |
| CVE-2024-35949 | — | < 5.3.18-150300.202.1 | 5.3.18-150300.202.1 | May 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if | ||
| CVE-2024-35895 | Med | 5.5 | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in | |
| CVE-2024-35914 | — | < 5.3.18-150300.172.1 | 5.3.18-150300.172.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th | ||
| CVE-2024-35878 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr | ||
| CVE-2024-35864 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35863 | — | < 5.3.18-150300.202.1 | 5.3.18-150300.202.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35862 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. | ||
| CVE-2024-35861 | — | < 5.3.18-150300.175.1 | 5.3.18-150300.175.1 | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. |
- CVE-2021-47241May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation Outer nest for ETHTOOL_A_STRSET_STRINGSETS is not accounted for. This may result in ETHTOOL_MSG_STRSET_GET producing a warning like: calculated message paylo
- CVE-2021-47240May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix OOB Read in qrtr_endpoint_post Syzbot reported slab-out-of-bounds Read in qrtr_endpoint_post. The problem was in wrong _size_ type: if (len != ALIGN(size, 4) + hdrlen) goto err; If size from
- CVE-2021-47239May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind") fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, whi
- CVE-2021-47237May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and
- CVE-2021-47236May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it
- CVE-2021-47235May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev *dev) { ... struct ec_bhf_priv *priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net
- CVE-2021-47231May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: fix memory leak in mcba_usb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usb_coherent. In mcba_usb_start() 20 coherent buffers
- CVE-2021-47230May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared Immediately reset the MMU context when the vCPU's SMM flag is cleared so that the SMM flag in the MMU role is always synchronized with th
- CVE-2021-47229May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not yet completed (which is indicated by value 1 in PIO
- CVE-2021-47228May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. In order for this memory to not be re-used by the kernel after ExitBootServices(),
- CVE-2021-47227May 21, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Prevent state corruption in __fpu__restore_sig() The non-compacted slowpath uses __copy_from_user() and copies the entire user buffer into the kernel buffer, verbatim. This means that the kernel buffe
- affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend mo
- CVE-2024-35949May 20, 2024affected < 5.3.18-150300.202.1fixed 5.3.18-150300.202.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We previously would call btrfs_check_leaf() if we had the check integrity code enabled, which meant that we could only run the extended leaf checks if
- affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be in
- CVE-2024-35914May 19, 2024affected < 5.3.18-150300.172.1fixed 5.3.18-150300.172.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix error cleanup path in nfsd_rename() Commit a8b0026847b8 ("rename(): avoid a deadlock in the case of parents having no common ancestor") added an error bail out path. However this path does not drop th
- CVE-2024-35878May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf() In of_modalias(), we can get passed the str and len parameters which would cause a kernel oops in vsnprintf() since it only allows passing a NULL ptr
- CVE-2024-35864May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35863May 19, 2024affected < 5.3.18-150300.202.1fixed 5.3.18-150300.202.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35862May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
- CVE-2024-35861May 19, 2024affected < 5.3.18-150300.175.1fixed 5.3.18-150300.175.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
Page 53 of 70