VYPR

rpm package

suse/kernel-syms-rt&distro=SUSE Real Time Module 15 SP5

pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5

Vulnerabilities (2,442)

  • CVE-2023-52812May 21, 2024
    affected < 5.14.21-150500.13.64.1fixed 5.14.21-150500.13.64.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In SR-IOV environment, the value of pcie_table->num_of_link_levels will be 0, and num_of_levels - 1 will cause array index out of bounds

  • CVE-2023-52811May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the cod

  • CVE-2023-52810May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative db_l2nbperpage l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur

  • CVE-2023-52809May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() fc_lport_ptp_setup() did not check the return value of fc_rport_create() which can return NULL and would cause a NULL pointer derefere

  • CVE-2023-52808May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debug

  • CVE-2023-52807May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs The hns3 driver define an array of string to show the coalesce info, but if the kernel adds a new mode or a new state, out-of

  • CVE-2023-52806May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign a COUPLED stream. As supplied su

  • CVE-2023-52805May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. Added the check which is required.

  • CVE-2023-52804May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the db_agfree array, but there is currently no validity check for db_maxag and db_agpref, which can lea

  • CVE-2023-52803May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpc_remove_pipedir() workqueue,which takes care about pipefs superblock locking. In some special sc

  • CVE-2023-52800May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark th

  • CVE-2023-52799May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbFindLeaf Currently while searching for dmtree_t for sufficient free blocks there is an array out of bounds while getting element in tp->dm_stree. To add the required chec

  • CVE-2023-52798May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section

  • CVE-2023-52796May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for

  • CVE-2023-52795May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix use after free in vhost_vdpa_probe() The put_device() calls vhost_vdpa_release_dev() which calls ida_simple_remove() and frees "v". So this call to ida_simple_remove() is a use after free and a

  • CVE-2023-52791May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is disabled. However, non-atomic i2c transfers require preemption (e.g. in wait_for_completion() w

  • CVE-2023-52789May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: tty: vcc: Add check for kstrdup() in vcc_probe() Add check for the return value of kstrdup() and return the error, if it fails in order to avoid NULL pointer dereference.

  • CVE-2023-52788May 21, 2024
    affected < 5.14.21-150500.13.58.1fixed 5.14.21-150500.13.58.1

    In the Linux kernel, the following vulnerability has been resolved: i915/perf: Fix NULL deref bugs with drm_dbg() calls When i915 perf interface is not available dereferencing it will lead to NULL dereferences. As returning -ENOTSUPP is pretty clear return when perf interface

  • CVE-2023-52787May 21, 2024
    affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed

  • CVE-2023-52784May 21, 2024
    affected < 5.14.21-150500.13.61.1fixed 5.14.21-150500.13.61.1

    In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been able to keep syzbot away from net/lapb, until today. In the following splat [1],

Page 70 of 123