rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27053 | Cri | 9.1 | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage | |
| CVE-2024-27052 | Hig | 7.4 | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop(). | |
| CVE-2024-27047 | Med | 5.5 | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty array in the case that the driver is calling phy_get_internal_delay without defi | |
| CVE-2024-27038 | Med | 5.5 | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core_get() of_clk_get_hw_from_clkspec() __of_clk_get_hw_from_provider() | |
| CVE-2024-27025 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code. | |
| CVE-2024-27024 | Hig | 7.8 | < 5.14.21-150500.13.67.3 | 5.14.21-150500.13.67.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr(). | |
| CVE-2024-27388 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. | ||
| CVE-2024-27079 | — | < 5.14.21-150500.13.67.3 | 5.14.21-150500.13.67.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle | ||
| CVE-2024-27075 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a KASAN issue in stv0367, now a similar problem showed up with clang: drivers/media/dvb-frontends/stv0367.c:1222:12 | ||
| CVE-2024-27074 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder In go7007_load_encoder, bounce(i.e. go->boot_fw), is allocated without a deallocation thereafter. After the following call chain: saa7134_go7007_init |-> g | ||
| CVE-2024-27073 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handling of ttpci_budget_init d | ||
| CVE-2023-52653 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error | ||
| CVE-2023-52652 | — | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntb_register_device() If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), ca | ||
| CVE-2022-48669 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fail. We need to free the original `buf` in the case of failure. | ||
| CVE-2024-27062 | — | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 | ||
| CVE-2024-27056 | — | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may | ||
| CVE-2024-27054 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix double module refcount decrement Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount. Doing it manually on this error path cau | ||
| CVE-2024-27051 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center | ||
| CVE-2024-27046 | — | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po | ||
| CVE-2024-27045 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' Tell snprintf() to store at most 10 bytes in the output buffer instead of 30. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display |
- affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage
- affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().
- affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty array in the case that the driver is calling phy_get_internal_delay without defi
- affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core_get() of_clk_get_hw_from_clkspec() __of_clk_get_hw_from_provider()
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.
- affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr().
- CVE-2024-27388May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths.
- CVE-2024-27079May 1, 2024affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is calle
- CVE-2024-27075May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a KASAN issue in stv0367, now a similar problem showed up with clang: drivers/media/dvb-frontends/stv0367.c:1222:12
- CVE-2024-27074May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder In go7007_load_encoder, bounce(i.e. go->boot_fw), is allocated without a deallocation thereafter. After the following call chain: saa7134_go7007_init |-> g
- CVE-2024-27073May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handling of ttpci_budget_init d
- CVE-2023-52653May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error
- CVE-2023-52652May 1, 2024affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntb_register_device() If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), ca
- CVE-2022-48669May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fail. We need to free the original `buf` in the case of failure.
- CVE-2024-27062May 1, 2024affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306
- CVE-2024-27056May 1, 2024affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may
- CVE-2024-27054May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix double module refcount decrement Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount. Doing it manually on this error path cau
- CVE-2024-27051May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center
- CVE-2024-27046May 1, 2024affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po
- CVE-2024-27045May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' Tell snprintf() to store at most 10 bytes in the output buffer instead of 30. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display
Page 199 of 228