VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.2

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Vulnerabilities (1,394)

  • CVE-2023-52475Feb 29, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free f

  • CVE-2021-47051Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. Fix

  • CVE-2021-47049Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in __vmbus_open() The "open_info" variable is added to the &vmbus_connection.chn_msg_list, but the error handling frees "open_info" without removing it from the list. This wi

  • CVE-2021-47046Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix off by one in hdmi_14_process_transaction() The hdcp_i2c_offsets[] array did not have an entry for HDCP_MESSAGE_ID_WRITE_CONTENT_STREAM_TYPE so it led to an off by one read overflow. I add

  • CVE-2021-47045Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb() It is possible to call lpfc_issue_els_plogi() passing a did for which no matching ndlp is found. A call is then made to lpfc_prep_els_iocb() with

  • CVE-2021-47044Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in load_balance() Syzbot reported a handful of occurrences where an sd->nr_balance_failed can grow to much higher values than one would expect. A successful load_balance() r

  • CVE-2021-47041Feb 28, 2024
    affected < 5.3.18-150300.169.1fixed 5.3.18-150300.169.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix incorrect locking in state_change sk callback We are not changing anything in the TCP connection state so we should not take a write_lock but rather a read lock. This caused a deadlock when runn

  • CVE-2021-47038Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hci_dev->lock and socket lock Commit eab2404ba798 ("Bluetooth: Add BT_PHY socket option") added a dependency between socket lock and hci_dev->lock that could lead to deadlock.

  • CVE-2021-47035Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove WO permissions on second-level paging entries When the first level page table is used for IOVA translation, it only supports Read-Only and Read-Write permissions. The Write-Only permission is

  • CVE-2021-47034Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radix__set_pte_at(

  • CVE-2021-47026Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: destroy sysfs after removing session from active list A session can be removed dynamically by sysfs interface "remove_path" that eventually calls rtrs_clt_remove_path_from_sysfs function. The cu

  • CVE-2021-47017Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix a use after free in ath10k_htc_send_bundle In ath10k_htc_send_bundle, the bundle_skb could be freed by dev_kfree_skb_any(bundle_skb). But the bundle_skb is used later by bundle_skb->len. As skb_len

  • CVE-2021-47015Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RX consumer index logic in the error path. In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are

  • CVE-2021-47014Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using act_ct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-acc

  • CVE-2021-47013Feb 28, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send In emac_mac_tx_buf_send, it calls emac_tx_fill_tpd(..,skb,..). If some error happens in emac_tx_fill_tpd(), the skb will be freed via dev_kfree_sk

  • CVE-2021-47012Feb 28, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix a use after free in siw_alloc_mr Our code analyzer reported a UAF. In siw_alloc_mr(), it calls siw_mr_add_mem(mr,..). In the implementation of siw_mr_add_mem(), mem is assigned to mr->mem and the

  • CVE-2021-47009Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak on object td Two error return paths are neglecting to free allocated object td, causing a memory leak. Fix this by returning via the error return path that securely kfree's td. F

  • CVE-2021-47006Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook The commit 1879445dfa7b ("perf/core: Set event's default ::overflow_handler()") set a default event->overflow_handler in perf_

  • CVE-2021-47005Feb 28, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for ->get_features() get_features ops of pci_epc_ops may return NULL, causing NULL pointer dereference in pci_epf_test_alloc_space function. Let us add a check for pc

  • CVE-2021-47003Feb 28, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix potential null dereference on pointer status There are calls to idxd_cmd_exec that pass a null status pointer however a recent commit has added an assignment to *status that can end up with

Page 62 of 70