rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (1,394)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47001 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd (and thus enabling more RPC Calls to be sent) /before/ rpcrdma_post_recvs() can post enough Receive WRs to receive the | ||
| CVE-2021-47000 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode leak on getattr error in __fh_to_dentry | ||
| CVE-2021-46998 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside enic_queue_wq_skb, if some error happens, the skb will be freed by dev_kfree_skb(skb | ||
| CVE-2021-46992 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid overflows in nft_hash_buckets() Number of buckets being stored in 32bit variables, we have to ensure that no overflows occur in nft_hash_buckets() syzbot injected a size == 0x4000000 | ||
| CVE-2021-46991 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix use-after-free in i40e_client_subtask() Currently the call to i40e_client_del_instance frees the object pf->cinst, however pf->cinst->lan_info is being accessed after the free. Fix this by adding the | ||
| CVE-2021-46990 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix crashes when toggling entry flush barrier The entry flush mitigation can be enabled/disabled at runtime via a debugfs file (entry_flush), which causes the kernel to patch itself to enable/disab | ||
| CVE-2021-46989 | — | < 5.3.18-150300.161.1 | 5.3.18-150300.161.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevent corruption in shrinking truncate I believe there are some issues introduced by commit 31651c607151 ("hfsplus: avoid deadlock on file truncation") HFS+ has extent records which always contains | ||
| CVE-2021-46988 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUG_ON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmem_mfill_atomic_pte(). We successfully acco | ||
| CVE-2021-46984 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU | ||
| CVE-2021-46983 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry counter exceeded error is received. This leads to nvmet_rdma_error_comp which tri | ||
| CVE-2021-46981 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flush_workqueue Open /dev/nbdX first, the config_refs will be 1 and the pointers in nbd_device are still null. Disconnect /dev/nbdX, then reference a null recv_workq. The protection by | ||
| CVE-2021-46980 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d ("usb: typec: ucsi: save power data objects in PD mode") introduced retrieval of the PDOs when connected to a PD-capable s | ||
| CVE-2021-46976 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in auto_retire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the auto_retire function is not guaranteed to be aligned to a multiple of | ||
| CVE-2020-36784 | — | < 5.3.18-150300.161.1 | 5.3.18-150300.161.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_ | ||
| CVE-2020-36783 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions img_i2c_xfer and img_i2c_init. However, pm_runtime_get_sync will | ||
| CVE-2020-36782 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the | ||
| CVE-2020-36781 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix reference leak when pm_runtime_get_sync fails In i2c_imx_xfer() and i2c_imx_remove(), the pm reference count is not expected to be incremented on return. However, pm_runtime_get_sync will increme | ||
| CVE-2020-36780 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in sprd_i2c_master_xfer() and sprd_i2c_remove(). However, pm_runtime_get_sync wil | ||
| CVE-2021-46974 | — | < 5.3.18-150300.161.1 | 5.3.18-150300.161.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vi | ||
| CVE-2021-46971 | — | < 5.3.18-150300.166.1 | 5.3.18-150300.166.1 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional security_locked_down() call Currently, the lockdown state is queried unconditionally, even though its result is used only if the PERF_SAMPLE_REGS_INTR bit is set in attr.sample_type |
- CVE-2021-47001Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd (and thus enabling more RPC Calls to be sent) /before/ rpcrdma_post_recvs() can post enough Receive WRs to receive the
- CVE-2021-47000Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode leak on getattr error in __fh_to_dentry
- CVE-2021-46998Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside enic_queue_wq_skb, if some error happens, the skb will be freed by dev_kfree_skb(skb
- CVE-2021-46992Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid overflows in nft_hash_buckets() Number of buckets being stored in 32bit variables, we have to ensure that no overflows occur in nft_hash_buckets() syzbot injected a size == 0x4000000
- CVE-2021-46991Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix use-after-free in i40e_client_subtask() Currently the call to i40e_client_del_instance frees the object pf->cinst, however pf->cinst->lan_info is being accessed after the free. Fix this by adding the
- CVE-2021-46990Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix crashes when toggling entry flush barrier The entry flush mitigation can be enabled/disabled at runtime via a debugfs file (entry_flush), which causes the kernel to patch itself to enable/disab
- CVE-2021-46989Feb 28, 2024affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: prevent corruption in shrinking truncate I believe there are some issues introduced by commit 31651c607151 ("hfsplus: avoid deadlock on file truncation") HFS+ has extent records which always contains
- CVE-2021-46988Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUG_ON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmem_mfill_atomic_pte(). We successfully acco
- CVE-2021-46984Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU
- CVE-2021-46983Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry counter exceeded error is received. This leads to nvmet_rdma_error_comp which tri
- CVE-2021-46981Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flush_workqueue Open /dev/nbdX first, the config_refs will be 1 and the pointers in nbd_device are still null. Disconnect /dev/nbdX, then reference a null recv_workq. The protection by
- CVE-2021-46980Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d ("usb: typec: ucsi: save power data objects in PD mode") introduced retrieval of the PDOs when connected to a PD-capable s
- CVE-2021-46976Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in auto_retire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the auto_retire function is not guaranteed to be aligned to a multiple of
- CVE-2020-36784Feb 28, 2024affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1
In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_
- CVE-2020-36783Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions img_i2c_xfer and img_i2c_init. However, pm_runtime_get_sync will
- CVE-2020-36782Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the
- CVE-2020-36781Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix reference leak when pm_runtime_get_sync fails In i2c_imx_xfer() and i2c_imx_remove(), the pm reference count is not expected to be incremented on return. However, pm_runtime_get_sync will increme
- CVE-2020-36780Feb 28, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in sprd_i2c_master_xfer() and sprd_i2c_remove(). However, pm_runtime_get_sync wil
- CVE-2021-46974Feb 27, 2024affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vi
- CVE-2021-46971Feb 27, 2024affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional security_locked_down() call Currently, the lockdown state is queried unconditionally, even though its result is used only if the PERF_SAMPLE_REGS_INTR bit is set in attr.sample_type
Page 63 of 70