rpm package
suse/kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 12 SP5
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5
Vulnerabilities (1,429)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47609 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr | ||
| CVE-2021-47606 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 | ||
| CVE-2021-47603 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the usersp | ||
| CVE-2021-47602 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot repor | ||
| CVE-2021-47600 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec(). | ||
| CVE-2021-47599 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: use latest_dev in btrfs_show_devname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs] CPU: 2 PID: 1 Comm: sys | ||
| CVE-2021-47597 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of i | ||
| CVE-2021-47589 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, and then to label err_ioremap. In free_netdev() which is just below label err_iore | ||
| CVE-2021-47588 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() r | ||
| CVE-2021-47587 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a g | ||
| CVE-2021-47582 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait_urb(), which contains an uninterruptible wait with a user-specified timeout valu | ||
| CVE-2021-47580 | — | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va | ||
| CVE-2021-47576 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40 | ||
| CVE-2024-38598 | Med | 5.5 | < 4.12.14-10.194.1 | 4.12.14-10.194.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU | |
| CVE-2024-38596 | Med | 4.7 | < 4.12.14-10.203.1 | 4.12.14-10.203.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo | |
| CVE-2024-38579 | Med | 5.5 | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key | |
| CVE-2024-38578 | Hig | 7.8 | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for t | |
| CVE-2024-38567 | Med | 5.5 | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a sp | |
| CVE-2024-38565 | Med | 5.5 | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper e | |
| CVE-2024-38560 | Hig | 7.1 | < 4.12.14-10.197.1 | 4.12.14-10.197.1 | Jun 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that |
- CVE-2021-47609Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr
- CVE-2021-47606Jun 19, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0
- CVE-2021-47603Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the usersp
- CVE-2021-47602Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot repor
- CVE-2021-47600Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec().
- CVE-2021-47599Jun 19, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: use latest_dev in btrfs_show_devname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs] CPU: 2 PID: 1 Comm: sys
- CVE-2021-47597Jun 19, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploited by unpriv users. After analysis it turned out UDP was not initializing r->idiag_expires. Other users of i
- CVE-2021-47589Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, and then to label err_ioremap. In free_netdev() which is just below label err_iore
- CVE-2021-47588Jun 19, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already called by register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() r
- CVE-2021-47587Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a g
- CVE-2021-47582Jun 19, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait_urb(), which contains an uninterruptible wait with a user-specified timeout valu
- CVE-2021-47580Jun 19, 2024affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va
- CVE-2021-47576Jun 19, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() In resp_mode_select() sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40
- affected < 4.12.14-10.194.1fixed 4.12.14-10.194.1
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU
- affected < 4.12.14-10.203.1fixed 4.12.14-10.203.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo
- affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key
- affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for t
- affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a sp
- affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper e
- affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that
Page 15 of 72