VYPR

rpm package

suse/kernel-syms&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Vulnerabilities (263)

  • CVE-2021-47323May 21, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer ha

  • CVE-2021-47321May 21, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer ha

  • CVE-2024-35937May 19, 2024
    affected < 3.0.101-108.168.1fixed 3.0.101-108.168.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make

  • CVE-2024-35863May 19, 2024
    affected < 3.0.101-108.177.1fixed 3.0.101-108.177.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

  • CVE-2021-34981May 7, 2024
    affected < 3.0.101-108.138.1fixed 3.0.101-108.138.1

    Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target s

  • CVE-2024-27043May 1, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio

  • CVE-2024-26930May 1, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function

  • CVE-2024-26923MedApr 25, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM

  • CVE-2024-26898HigApr 17, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel.

  • CVE-2021-47219Apr 10, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline] BUG: KASAN: slab

  • CVE-2024-26733Apr 3, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr

  • CVE-2021-47110Mar 15, 2024
    affected < 3.0.101-108.204.1fixed 3.0.101-108.204.1

    In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corrup

  • CVE-2023-28746MedMar 14, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2023-52591Mar 6, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change reiserfs rename code to avoid touching renamed directory if

  • CVE-2023-52590Mar 6, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change ocfs2 rename code to avoid touching renamed directory if its p

  • CVE-2021-47104Mar 4, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() The wrong goto label was used for the error case and missed cleanup of the pkt allocation. Addresses-Coverity-ID: 1493352 ("Resource leak")

  • CVE-2023-52475Feb 29, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free f

  • CVE-2023-51779HigFeb 29, 2024
    affected < 3.0.101-108.150.1fixed 3.0.101-108.150.1

    bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.

  • CVE-2021-46932Feb 27, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may hap

  • CVE-2021-46905Feb 25, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unco

Page 7 of 14