suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,559)

• CVE-2024-53127Dec 4, 2024
  affected < 5.14.21-150500.13.85.1fixed 5.14.21-150500.13.85.1

  In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") increased the max_req_size, even for 4K pages, causing

• CVE-2024-53125Dec 4, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set:

• CVE-2024-53124MedDec 2, 2024
  affected < 5.14.21-150500.13.91.1fixed 5.14.21-150500.13.91.1

  In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules

• CVE-2024-53122Dec 2, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing rec

• CVE-2024-53121Dec 2, 2024
  affected < 5.14.21-150500.13.85.1fixed 5.14.21-150500.13.85.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and

• CVE-2024-53120Dec 2, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callback returns error, zone_rule->attr is used uninitiated. Fix it to use attr which h

• CVE-2024-53119Dec 2, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the accept_queue has been flushed, bu

• CVE-2024-53114Dec 2, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a rando

• CVE-2024-53113Dec 2, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When c

• CVE-2024-53112Dec 2, 2024
  affected < 5.14.21-150500.13.85.1fixed 5.14.21-150500.13.85.1

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra

• CVE-2024-53110Dec 2, 2024
  affected < 5.14.21-150500.13.79.1fixed 5.14.21-150500.13.79.1

  In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate multiple times and visit undefined memory.

• CVE-2024-53104KEVDec 2, 2024
  affected < 5.14.21-150500.13.79.1fixed 5.14.21-150500.13.79.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

• CVE-2024-53103Dec 2, 2024
  affected < 5.14.21-150500.13.85.1fixed 5.14.21-150500.13.85.1

  In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This i

• CVE-2023-52922Nov 28, 2024
  affected < 5.14.21-150500.13.79.1fixed 5.14.21-150500.13.79.1

  In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

• CVE-2024-53101MedNov 25, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali

• CVE-2024-8805Nov 22, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

• CVE-2024-53095Nov 21, 2024
  affected < 5.14.21-150500.13.85.1fixed 5.14.21-150500.13.85.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

• CVE-2024-53093Nov 21, 2024
  affected < 5.14.21-150500.13.106.1fixed 5.14.21-150500.13.106.1

  In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes availa

• CVE-2024-53090Nov 21, 2024
  affected < 5.14.21-150500.13.82.1fixed 5.14.21-150500.13.82.1

  In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in

• CVE-2024-53059HigNov 19, 2024
  affected < 5.14.21-150500.13.79.1fixed 5.14.21-150500.13.79.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. The response buffer is not freed. Resolve these issues by switching to iwl_mvm_s