rpm package

suse/kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 12 SP5

pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Vulnerabilities (1,429)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-47165		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl
CVE-2021-47162		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: tipc: skb_linearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's frag_list if the frag_list already has skbs from elsewhere, such as this skb was created by pskb_co
CVE-2021-47161		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem
CVE-2021-47159		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if ->get_sset_count() fails If ds->ops->get_sset_count() fails then it "count" is a negative error code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative error code is typ
CVE-2021-47153		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunate
CVE-2021-47150		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory
CVE-2021-47149		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: net: fujitsu: fix potential null-ptr-deref In fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer deref. To fix this, check the return value of ioremap and return -1 to the caller in case of failu
CVE-2021-47146		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mld_newpack() mld_newpack() doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skb_put(). Test command
CVE-2021-47145		—	< 4.12.14-10.194.1	4.12.14-10.194.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm:
CVE-2021-47143		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcd_dev_list after failed device_add() If the device_add() for a smcd_dev fails, there's no cleanup step that rolls back the earlier list_add(). The device subsequently gets freed,
CVE-2021-47142		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a use-after-free looks like we forget to set ttm->sg to NULL. Hit panic below [ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG
CVE-2021-47141		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv->msix_vectors. If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors) this could lead to a NULL
CVE-2021-47138		—	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 25, 2024	In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these i
CVE-2024-26642	Med	5.5	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 21, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.
CVE-2023-52620	Low	2.5	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 21, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.
CVE-2023-52614	Hig	7.8	< 4.12.14-10.182.1	4.12.14-10.182.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exc
CVE-2024-26641		—	< 4.12.14-10.191.1	4.12.14-10.191.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Call pskb_inet_may_pull() to fix this, and initialize ipv6h variable after this cal
CVE-2023-52619		—	< 4.12.14-10.197.1	4.12.14-10.197.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will becom
CVE-2024-26636		—	< 4.12.14-10.194.1	4.12.14-10.194.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Lik
CVE-2024-26635		—	< 4.12.14-10.194.1	4.12.14-10.194.1	Mar 18, 2024	In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b

CVE-2021-47165Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unabl
CVE-2021-47162Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: tipc: skb_linearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's frag_list if the frag_list already has skbs from elsewhere, such as this skb was created by pskb_co
CVE-2021-47161Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the rem
CVE-2021-47159Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if ->get_sset_count() fails If ds->ops->get_sset_count() fails then it "count" is a negative error code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative error code is typ
CVE-2021-47153Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunate
CVE-2021-47150Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory
CVE-2021-47149Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: net: fujitsu: fix potential null-ptr-deref In fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer deref. To fix this, check the return value of ioremap and return -1 to the caller in case of failu
CVE-2021-47146Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mld_newpack() mld_newpack() doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skb_put(). Test command
CVE-2021-47145Mar 25, 2024
affected < 4.12.14-10.194.1fixed 4.12.14-10.194.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm:
CVE-2021-47143Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcd_dev_list after failed device_add() If the device_add() for a smcd_dev fails, there's no cleanup step that rolls back the earlier list_add(). The device subsequently gets freed,
CVE-2021-47142Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a use-after-free looks like we forget to set ttm->sg to NULL. Hit panic below [ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG
CVE-2021-47141Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv->msix_vectors. If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors) this could lead to a NULL
CVE-2021-47138Mar 25, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these i
CVE-2024-26642MedMar 21, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.
CVE-2023-52620LowMar 21, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.
CVE-2023-52614HigMar 18, 2024
affected < 4.12.14-10.182.1fixed 4.12.14-10.182.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exc
CVE-2024-26641Mar 18, 2024
affected < 4.12.14-10.191.1fixed 4.12.14-10.191.1
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Call pskb_inet_may_pull() to fix this, and initialize ipv6h variable after this cal
CVE-2023-52619Mar 18, 2024
affected < 4.12.14-10.197.1fixed 4.12.14-10.197.1
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will becom
CVE-2024-26636Mar 18, 2024
affected < 4.12.14-10.194.1fixed 4.12.14-10.194.1
In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Lik
CVE-2024-26635Mar 18, 2024
affected < 4.12.14-10.194.1fixed 4.12.14-10.194.1
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the b

Page 38 of 72