rpm package
suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP5
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5
Vulnerabilities (2,442)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48790 | Hig | 7.0 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condit | |
| CVE-2022-48789 | Hig | 7.8 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in ord | |
| CVE-2022-48788 | Hig | 7.8 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in o | |
| CVE-2022-48787 | Hig | 7.8 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which the | |
| CVE-2022-48786 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be in the TCP_ESTABLISHED state when the connecting task wakes up with a si | |
| CVE-2022-48785 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() Some time ago 8965779d2c0e ("ipv6,mcast: always hold idev->lock before mca_lock") switched ipv6_get_lladdr() to __ipv6_get_lladdr(), which is rcu-unsafe ve | |
| CVE-2022-48784 | Med | 4.7 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race where the exact same deadlock (see the original commit referenced below) can still happen if cfg802 | |
| CVE-2022-48783 | Hig | 7.8 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus). | |
| CVE-2022-48780 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies | |
| CVE-2022-48778 | Hig | 7.8 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped. | |
| CVE-2022-48777 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL. Rework the | |
| CVE-2022-48776 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak. | |
| CVE-2022-48775 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko | |
| CVE-2022-48774 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will le | |
| CVE-2022-48773 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries f | |
| CVE-2021-47624 | Hig | 7.1 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove", | |
| CVE-2021-47623 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/fixmap: Fix VM debug warning on unmap Unmapping a fixmap entry is done by calling __set_fixmap() with FIXMAP_PAGE_CLEAR as flags. Today, powerpc __set_fixmap() calls map_kernel_page(). map_kernel_page | |
| CVE-2021-47622 | Med | 5.5 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host | |
| CVE-2023-52886 | Med | 6.4 | < 5.14.21-150500.13.64.1 | 5.14.21-150500.13.64.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr | |
| CVE-2024-41007 | Low | 3.3 | < 5.14.21-150500.13.67.1 | 5.14.21-150500.13.67.1 | Jul 15, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1 |
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condit
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in ord
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in o
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which the
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be in the TCP_ESTABLISHED state when the connecting task wakes up with a si
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() Some time ago 8965779d2c0e ("ipv6,mcast: always hold idev->lock before mca_lock") switched ipv6_get_lladdr() to __ipv6_get_lladdr(), which is rcu-unsafe ve
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race where the exact same deadlock (see the original commit referenced below) can still happen if cfg802
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: fix use after free in gswip_remove() of_node_put(priv->ds->slave_mii_bus->dev.of_node) should be done before mdiobus_free(priv->ds->slave_mii_bus).
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of clcsock will be saved and replaced during the fallback. But if the fallback happens more than once, then the copies
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped.
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL. Rework the
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak.
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: Fix the error handling path in pt_core_init() In order to free resources correctly in the error handling path of pt_core_init(), 2 goto's have to be switched. Otherwise, some resources will le
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create If there are failures then we must not leave the non-NULL pointers with the error value, otherwise `rpcrdma_ep_destroy` gets confused and tries f
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove",
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/fixmap: Fix VM debug warning on unmap Unmapping a fixmap entry is done by calling __set_fixmap() with FIXMAP_PAGE_CLEAR as flags. Today, powerpc __set_fixmap() calls map_kernel_page(). map_kernel_page
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host
- affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 dr
- affected < 5.14.21-150500.13.67.1fixed 5.14.21-150500.13.67.1
In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to zero, tcp_retransmit_timer() can retransmit a packet every two jiffies (2 ms for HZ=1
Page 43 of 123