rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48715 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and r | ||
| CVE-2022-48714 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() wh | ||
| CVE-2022-48713 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel crash. Fixes a bug intr | ||
| CVE-2022-48712 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug. This patch fixes that. | ||
| CVE-2022-48711 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. T | ||
| CVE-2021-47620 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop p | ||
| CVE-2021-47619 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking f | ||
| CVE-2021-47618 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, bef | ||
| CVE-2021-47617 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after | ||
| CVE-2024-38619 | Med | 5.5 | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and a | |
| CVE-2021-47616 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed and then rxe_create_qp() will drop last reference to this object. qp clean up function will try t | ||
| CVE-2021-47614 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of | ||
| CVE-2021-47612 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000 | ||
| CVE-2021-47611 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present. | ||
| CVE-2021-47610 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null ptr access msm_ioctl_gem_submit() Fix the below null pointer dereference in msm_ioctl_gem_submit(): 26545.260705: Call trace: 26545.263223: kref_put+0x1c/0x60 26545.266452: msm_ioc | ||
| CVE-2021-47609 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr | ||
| CVE-2021-47608 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in atomics w/ BPF_FETCH") around check_mem_access() handling is buggy since this woul | ||
| CVE-2021-47607 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val] | ||
| CVE-2021-47606 | — | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 | ||
| CVE-2021-47605 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to a check to prevent it being out of bounds. The "config.offset" and "dev->config_size" variables are bo |
- CVE-2022-48715Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and r
- CVE-2022-48714Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() wh
- CVE-2022-48713Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel crash. Fixes a bug intr
- CVE-2022-48712Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug. This patch fixes that.
- CVE-2022-48711Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. T
- CVE-2021-47620Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop p
- CVE-2021-47619Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking f
- CVE-2021-47618Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, bef
- CVE-2021-47617Jun 20, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after
- affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and a
- CVE-2021-47616Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed and then rxe_create_qp() will drop last reference to this object. qp clean up function will try t
- CVE-2021-47614Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in add_pble_prm When irdma_hmc_sd_one fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of
- CVE-2021-47612Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000
- CVE-2021-47611Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present.
- CVE-2021-47610Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null ptr access msm_ioctl_gem_submit() Fix the below null pointer dereference in msm_ioctl_gem_submit(): 26545.260705: Call trace: 26545.263223: kref_put+0x1c/0x60 26545.266452: msm_ioc
- CVE-2021-47609Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr
- CVE-2021-47608Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch The change in commit 37086bfdc737 ("bpf: Propagate stack bounds to registers in atomics w/ BPF_FETCH") around check_mem_access() handling is buggy since this woul
- CVE-2021-47607Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg The implementation of BPF_CMPXCHG on a high level has the following parameters: .-[old-val] .-[new-val]
- CVE-2021-47606Jun 19, 2024affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0
- CVE-2021-47605Jun 19, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to a check to prevent it being out of bounds. The "config.offset" and "dev->config_size" variables are bo
Page 164 of 228