suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

Vulnerabilities (4,559)

• CVE-2024-27043May 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio

• CVE-2024-27041May 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini() Since 'adev->dm.dc' in amdgpu_dm_fini() might turn out to be NULL before the call to dc_enable_dmub_notifications(), check beforehand to ensu

• CVE-2024-27039May 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: clk: hisilicon: hi3559a: Fix an erroneous devm_kfree() 'p_clk' is an array allocated just before the for loop for all clk that need to be registered. It is incremented at each loop iteration. If a clk_register

• CVE-2024-27037May 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc() in zynq_clk_setup() will return null if the physical memory has run out. As a result, if we use snprintf() to write data to th

• CVE-2024-27030May 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two C

• CVE-2024-27028May 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a che

• CVE-2023-52650May 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid NULL pointer dereference.

• CVE-2024-27020HigMay 1, 2024
  affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

  In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li

• CVE-2024-27013MedMay 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe

• CVE-2024-27004MedMay 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused Doug reported [1] the following hung task: INFO: task swapper/0:1 blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40e

• CVE-2024-26993MedMay 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn

• CVE-2024-26988HigMay 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow We allocate memory of size 'xlen + strlen(boot_command_line) + 1' for static_command_line, but the strings copied into static_command_line are extr

• CVE-2024-26982HigMay 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in

• CVE-2024-26974HigMay 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER system's error recovery process, the kernel driver may encounter a race condition with freeing the reset_data structure's memory. If t

• CVE-2024-26973MedMay 1, 2024
  affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

  In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must

• CVE-2024-26961HigMay 1, 2024
  affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

  In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del mac802154_llsec_key_del() can free resources of a key directly without following the RCU rules for waiting before the end of a grace period.

• CVE-2024-26960MedMay 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could run and teardown a swap_info_struct while a call to free_swap_and_cache() was runni

• CVE-2024-26958HigMay 1, 2024
  affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

  In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at

• CVE-2024-26951HigMay 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list wit

• CVE-2024-26950MedMay 1, 2024
  affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

  In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get