VYPR

rpm package

suse/kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.5

pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Vulnerabilities (4,559)

  • CVE-2024-26816MedApr 10, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is us

  • CVE-2024-27437MedApr 5, 2024
    affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in request_irq() and subsequently dis

  • CVE-2024-26812MedApr 5, 2024
    affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL c

  • CVE-2024-26814Apr 5, 2024
    affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The

  • CVE-2024-26813Apr 5, 2024
    affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo

  • CVE-2024-26808Apr 4, 2024
    affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic

  • CVE-2024-26787MedApr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST, overlapping mappings

  • CVE-2024-26807Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c

  • CVE-2024-26805Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar

  • CVE-2024-26804Apr 4, 2024
    affected < 5.14.21-150500.13.73.1fixed 5.14.21-150500.13.73.1

    In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr

  • CVE-2024-26802Apr 4, 2024
    affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

    In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does

  • CVE-2024-26801Apr 4, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism would free the hci_dev an

  • CVE-2024-26800Apr 4, 2024
    affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

    In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed.

  • CVE-2024-26798Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038d70 (fbdev: fbcon: Properly revert changes when vc_resize() failed) started restoring old font data upon failure (of vc_resize()).

  • CVE-2024-26793Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h

  • CVE-2024-26792Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second

  • CVE-2024-26791Apr 4, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou

  • CVE-2024-26790Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte unaligned read transactions by QDMA. Unaligned read transactions initiated by QDMA m

  • CVE-2024-26788Apr 4, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: init irq after reg initialization Initialize the qDMA irqs after the registers are configured so that interrupts that may have been pending from a primary kernel don't get processed by the

  • CVE-2024-26783Apr 4, 2024
    affected < 5.14.21-150500.13.52.1fixed 5.14.21-150500.13.52.1

    In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the followi

Page 210 of 228