VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.2

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Vulnerabilities (1,394)

  • CVE-2021-46905Feb 25, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unco

  • CVE-2021-46904Feb 25, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the n

  • CVE-2023-52470Feb 25, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.

  • CVE-2023-52469Feb 25, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t

  • CVE-2024-26602Feb 24, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize

  • CVE-2024-26600Feb 24, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et

  • CVE-2024-26595Feb 23, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer

  • CVE-2023-52463Feb 23, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as

  • CVE-2023-52454Feb 23, 2024
    affected < 5.3.18-150300.166.1fixed 5.3.18-150300.166.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel

  • CVE-2024-26593Feb 23, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to t

  • CVE-2023-52451Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC inde

  • CVE-2023-52449Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read

  • CVE-2023-52448Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in r

  • CVE-2023-52445Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on t

  • CVE-2024-26589Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So th

  • CVE-2024-26586Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group contains a list of ACLs. In turn,

  • CVE-2023-52443Feb 22, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}" a string

  • CVE-2024-26585Feb 21, 2024
    affected < 5.3.18-150300.161.1fixed 5.3.18-150300.161.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling

  • CVE-2024-26584Feb 21, 2024
    affected < 5.3.18-150300.178.1fixed 5.3.18-150300.178.1

    In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES

  • CVE-2024-26583Feb 21, 2024
    affected < 5.3.18-150300.178.1fixed 5.3.18-150300.178.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one which called recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete() so any code past that point risks touch

Page 66 of 70