rpm package
suse/kernel-source-rt&distro=SUSE Real Time Module 15 SP5
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5
Vulnerabilities (2,442)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47529 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Fix memory leaks in error handling path Should an error occur (invalid TLV len or memory allocation failure), the memory already allocated in 'reduce_power_data' should be freed before returning, other | ||
| CVE-2021-47528 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init() In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring and there is a dereference of it in cdnsp_endpoint_init(), which could l | ||
| CVE-2021-47526 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fix NULL pointer dereference in ->remove() drvdata has to be set in _probe() - otherwise platform_get_drvdata() causes null pointer dereference BUG in _remove(). | ||
| CVE-2021-47525 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix use-after-free and memleak on unbind Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core | ||
| CVE-2021-47524 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix minor-number leak on probe errors Make sure to release the allocated minor number before returning on probe errors. | ||
| CVE-2021-47523 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr This buffer is currently allocated in hfi1_init(): if (reinit) ret = init_after_reset(dd); else ret = loadtime_init(dd); if (ret) goto done; /* allocate | ||
| CVE-2021-47522 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through uhid, there is a chance we don't have output reports and so report_field is null. | ||
| CVE-2021-47521 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead. Also we should check if at least one chann | ||
| CVE-2021-47520 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n | ||
| CVE-2021-47518 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in d | ||
| CVE-2021-47517 | — | < 5.14.21-150500.13.67.3 | 5.14.21-150500.13.67.3 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations co | ||
| CVE-2021-47516 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfp_cpp_area_cache_add() In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a CPP area structure. But in line 807 (#2), when the cache is allocated failed, this CPP area st | ||
| CVE-2021-47515 | — | < 5.14.21-150500.13.61.1 | 5.14.21-150500.13.61.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the ip_rcv_core(...) sets the receiving interface index into the IPv4 socket control block (v5.16-rc4, net/ipv4/ip_input.c lin | ||
| CVE-2021-47514 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcou | ||
| CVE-2021-47513 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering Avoid a memory leak if there is not a CPU port defined. Addresses-Coverity-ID: 1492897 ("Resource leak") Addresses-Coverity-ID: 1492899 ("Resource | ||
| CVE-2021-47512 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: prevent dismantle issue For some reason, fq_pie_destroy() did not copy working code from pie_destroy() and other qdiscs, thus causing elusive bug. Before calling del_timer_sync(&q->adapt_tim | ||
| CVE-2021-47511 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with size_ | ||
| CVE-2021-47510 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix re-dirty process of tree-log nodes There is a report of a transaction abort of -EAGAIN with the following script. #!/bin/sh for d in sda sdb; do mkfs.btrfs -d single -m single -f /dev | ||
| CVE-2021-47509 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Limit the period size to 16MB Set the practical limit to the period size (the fragment shift in OSS) instead of a full 31bit; a too large value could lead to the exhaust of memory as we allocate | ||
| CVE-2021-47508 | — | < 5.14.21-150500.13.58.1 | 5.14.21-150500.13.58.1 | May 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: free exchange changeset on failures Fstests runs on my VMs have show several kmemleak reports like the following. unreferenced object 0xffff88811ae59080 (size 64): comm "xfs_io", pid 12124, jiffie |
- CVE-2021-47529May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Fix memory leaks in error handling path Should an error occur (invalid TLV len or memory allocation failure), the memory already allocated in 'reduce_power_data' should be freed before returning, other
- CVE-2021-47528May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init() In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring and there is a dereference of it in cdnsp_endpoint_init(), which could l
- CVE-2021-47526May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fix NULL pointer dereference in ->remove() drvdata has to be set in _probe() - otherwise platform_get_drvdata() causes null pointer dereference BUG in _remove().
- CVE-2021-47525May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix use-after-free and memleak on unbind Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core
- CVE-2021-47524May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix minor-number leak on probe errors Make sure to release the allocated minor number before returning on probe errors.
- CVE-2021-47523May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr This buffer is currently allocated in hfi1_init(): if (reinit) ret = init_after_reset(dd); else ret = loadtime_init(dd); if (ret) goto done; /* allocate
- CVE-2021-47522May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through uhid, there is a chance we don't have output reports and so report_field is null.
- CVE-2021-47521May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead. Also we should check if at least one chann
- CVE-2021-47520May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n
- CVE-2021-47518May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in d
- CVE-2021-47517May 24, 2024affected < 5.14.21-150500.13.67.3fixed 5.14.21-150500.13.67.3
In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations co
- CVE-2021-47516May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfp_cpp_area_cache_add() In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a CPP area structure. But in line 807 (#2), when the cache is allocated failed, this CPP area st
- CVE-2021-47515May 24, 2024affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1
In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the ip_rcv_core(...) sets the receiving interface index into the IPv4 socket control block (v5.16-rc4, net/ipv4/ip_input.c lin
- CVE-2021-47514May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcou
- CVE-2021-47513May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering Avoid a memory leak if there is not a CPU port defined. Addresses-Coverity-ID: 1492897 ("Resource leak") Addresses-Coverity-ID: 1492899 ("Resource
- CVE-2021-47512May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: prevent dismantle issue For some reason, fq_pie_destroy() did not copy working code from pie_destroy() and other qdiscs, thus causing elusive bug. Before calling del_timer_sync(&q->adapt_tim
- CVE-2021-47511May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with size_
- CVE-2021-47510May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix re-dirty process of tree-log nodes There is a report of a transaction abort of -EAGAIN with the following script. #!/bin/sh for d in sda sdb; do mkfs.btrfs -d single -m single -f /dev
- CVE-2021-47509May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Limit the period size to 16MB Set the practical limit to the period size (the fragment shift in OSS) instead of a full 31bit; a too large value could lead to the exhaust of memory as we allocate
- CVE-2021-47508May 24, 2024affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: free exchange changeset on failures Fstests runs on my VMs have show several kmemleak reports like the following. unreferenced object 0xffff88811ae59080 (size 64): comm "xfs_io", pid 12124, jiffie
Page 63 of 123