suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,559)

• CVE-2021-47584Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: iocost: Fix divide-by-zero on donation from low hweight cgroup The donation calculation logic assumes that the donor has non-zero after-donation hweight, so the lowest active hweight a donating cgroup can have

• CVE-2021-47583Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutex_init() location Syzbot reported, that mxl111sf_ctrl_msg() uses uninitialized mutex. The problem was in wrong mutex_init() location. Previous mutex_init(&state->msg_lock) call was

• CVE-2021-47582Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait_urb(), which contains an uninterruptible wait with a user-specified timeout valu

• CVE-2021-47580Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va

• CVE-2021-47578Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Don't call kcalloc() if size arg is zero If the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because of that, for a following NULL pointer check to work on the returned pointer, k

• CVE-2021-47577Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker task_work We check IO_WQ_BIT_EXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race bet

• CVE-2021-47576Jun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40

• CVE-2024-38615MedJun 19, 2024
  affected < 5.14.21-150500.13.79.1fixed 5.14.21-150500.13.79.1

  In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't pre

• CVE-2024-38599HigJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the x

• CVE-2024-38598MedJun 19, 2024
  affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

  In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU

• CVE-2024-38596MedJun 19, 2024
  affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1

  In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo

• CVE-2024-38589MedJun 19, 2024
  affected < 5.14.21-150500.13.79.1fixed 5.14.21-150500.13.79.1

  In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure we always acquire nr_node_list_lock before nr_node_lock(nr_node) [1] WARNING: po

• CVE-2024-38587MedJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs ARRAY_SIZE() bug The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can the still got o

• CVE-2024-38579MedJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key

• CVE-2024-38578HigJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for t

• CVE-2024-38567MedJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a sp

• CVE-2024-38565MedJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper e

• CVE-2024-38560HigJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that

• CVE-2024-38559MedJun 19, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t

• CVE-2024-38558MedJun 19, 2024
  affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

  In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary pack