rpm package
suse/kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 12 SP5
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5
Vulnerabilities (1,429)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-47378 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA co | ||
| CVE-2021-47375 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blk_trace access after removing by sysfs There is an use-after-free problem triggered by following process: P1(sda) P2(sdb) echo 0 > /sys/block/sdb/trace/enable blk_trace_ | ||
| CVE-2021-47373 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the num | ||
| CVE-2021-47372 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is released by platform_device_unregister(), use of pclk and hclk is a use-after-free. Since device unregister won't need a clk device we adju | ||
| CVE-2021-47369 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix NULL deref in qeth_clear_working_pool_list() When qeth_set_online() calls qeth_clear_working_pool_list() to roll back after an error exit from qeth_hardsetup_card(), we are at risk of accessing c | ||
| CVE-2021-47362 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Update intermediate power state for SI Update the current state as boot state during dpm initialization. During the subsequent initialization, set_power_state gets called to transition to the final | ||
| CVE-2021-47361 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: 1) If ida_simple_get() fails then this code calls put_device(carrier) but we haven't yet called get_device(carrier) and probably that leads t | ||
| CVE-2021-47357 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in ia_module_exit() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler | ||
| CVE-2021-47356 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may stil | ||
| CVE-2021-47355 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstar_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handl | ||
| CVE-2021-47354 | — | < 4.12.14-10.191.1 | 4.12.14-10.191.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to complete before killing it to avoid data corruptions. | ||
| CVE-2021-47353 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the v | ||
| CVE-2021-47352 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss. | ||
| CVE-2021-47347 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size. | ||
| CVE-2021-47345 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id". This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ | ||
| CVE-2021-47344 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: zr364xx: fix memory leak in zr364xx_start_readpipe syzbot reported memory leak in zr364xx driver. The problem was in non-freed urb in case of usb_submit_urb() fail. backtrace: [] kma | ||
| CVE-2021-47343 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw() in dm_btree_remove() may fail due to IO read error (e.g. read the content of origin block fails during shadowing), and the value of shado | ||
| CVE-2021-47341 | — | < 4.12.14-10.200.1 | 4.12.14-10.200.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio BUG: KASAN: use-after-free in kvm_vm_ioctl_unregister_coalesced_mmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalesced_mmio.c:183 | ||
| CVE-2021-47337 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 ("scsi: core: Fix error handling of scsi_host_alloc()") changed the allocation logic to call put_device() to perform | ||
| CVE-2021-47334 | — | < 4.12.14-10.188.1 | 4.12.14-10.188.1 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_al |
- CVE-2021-47378May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA co
- CVE-2021-47375May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blk_trace access after removing by sysfs There is an use-after-free problem triggered by following process: P1(sda) P2(sdb) echo 0 > /sys/block/sdb/trace/enable blk_trace_
- CVE-2021-47373May 21, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the num
- CVE-2021-47372May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is released by platform_device_unregister(), use of pclk and hclk is a use-after-free. Since device unregister won't need a clk device we adju
- CVE-2021-47369May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix NULL deref in qeth_clear_working_pool_list() When qeth_set_online() calls qeth_clear_working_pool_list() to roll back after an error exit from qeth_hardsetup_card(), we are at risk of accessing c
- CVE-2021-47362May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Update intermediate power state for SI Update the current state as boot state during dpm initialization. During the subsequent initialization, set_power_state gets called to transition to the final
- CVE-2021-47361May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: 1) If ida_simple_get() fails then this code calls put_device(carrier) but we haven't yet called get_device(carrier) and probably that leads t
- CVE-2021-47357May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in ia_module_exit() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler
- CVE-2021-47356May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may stil
- CVE-2021-47355May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstar_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handl
- CVE-2021-47354May 21, 2024affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to complete before killing it to avoid data corruptions.
- CVE-2021-47353May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the v
- CVE-2021-47352May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss.
- CVE-2021-47347May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size.
- CVE-2021-47345May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id". This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_
- CVE-2021-47344May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: media: zr364xx: fix memory leak in zr364xx_start_readpipe syzbot reported memory leak in zr364xx driver. The problem was in non-freed urb in case of usb_submit_urb() fail. backtrace: [] kma
- CVE-2021-47343May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw() in dm_btree_remove() may fail due to IO read error (e.g. read the content of origin block fails during shadowing), and the value of shado
- CVE-2021-47341May 21, 2024affected < 4.12.14-10.200.1fixed 4.12.14-10.200.1
In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio BUG: KASAN: use-after-free in kvm_vm_ioctl_unregister_coalesced_mmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalesced_mmio.c:183
- CVE-2021-47337May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 ("scsi: core: Fix error handling of scsi_host_alloc()") changed the allocation logic to call put_device() to perform
- CVE-2021-47334May 21, 2024affected < 4.12.14-10.188.1fixed 4.12.14-10.188.1
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_al
Page 23 of 72