rpm package
suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (4,559)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26937 | Med | 5.5 | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request t | |
| CVE-2024-26935 | Med | 5.5 | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a | |
| CVE-2024-26934 | Hig | 7.8 | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device l | |
| CVE-2024-27019 | — | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in _ | ||
| CVE-2024-27016 | — | < 5.14.21-150500.13.67.3 | 5.14.21-150500.13.67.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access p | ||
| CVE-2024-27015 | — | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mism | ||
| CVE-2024-27014 | — | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if | ||
| CVE-2024-27011 | — | < 5.14.21-150500.13.67.3 | 5.14.21-150500.13.67.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor | ||
| CVE-2024-27010 | — | < 5.14.21-150500.13.67.3 | 5.14.21-150500.13.67.3 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [..... | ||
| CVE-2024-27008 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) | ||
| CVE-2024-27001 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some things can fall through the cracks. Depending on the hardware model, URBs can have either bulk or in | ||
| CVE-2024-27000 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the B | ||
| CVE-2024-26999 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're | ||
| CVE-2024-26997 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow. | ||
| CVE-2024-26996 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t | ||
| CVE-2024-26994 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters), we have to stop before the length of the word buffer. | ||
| CVE-2024-26989 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access MEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI when boot | ||
| CVE-2024-26984 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad | ||
| CVE-2024-26981 | — | < 5.14.21-150500.13.52.1 | 5.14.21-150500.13.52.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfs_set_de_type The size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is defined as "S_IFMT >> S_SHIFT", but the nilfs_set_de_type() function, which uses this array, specifie | ||
| CVE-2024-26977 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: pci_iounmap(): Fix MMIO mapping leak The #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(), which means MMIO mappings are leaked. Move the guard so we call iounmap() for MMIO mappings. |
- affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request t
- affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a
- affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device l
- CVE-2024-27019May 1, 2024affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in _
- CVE-2024-27016May 1, 2024affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access p
- CVE-2024-27015May 1, 2024affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mism
- CVE-2024-27014May 1, 2024affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if
- CVE-2024-27011May 1, 2024affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor
- CVE-2024-27010May 1, 2024affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [.....
- CVE-2024-27008May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or)
- CVE-2024-27001May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some things can fall through the cracks. Depending on the hardware model, URBs can have either bulk or in
- CVE-2024-27000May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the B
- CVE-2024-26999May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're
- CVE-2024-26997May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow.
- CVE-2024-26996May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t
- CVE-2024-26994May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters), we have to stop before the length of the word buffer.
- CVE-2024-26989May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access MEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI when boot
- CVE-2024-26984May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad
- CVE-2024-26981May 1, 2024affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfs_set_de_type The size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is defined as "S_IFMT >> S_SHIFT", but the nilfs_set_de_type() function, which uses this array, specifie
- CVE-2024-26977May 1, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: pci_iounmap(): Fix MMIO mapping leak The #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(), which means MMIO mappings are leaked. Move the guard so we call iounmap() for MMIO mappings.
Page 201 of 228