VYPR

rpm package

suse/kernel-xen&distro=SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE

Vulnerabilities (263)

  • CVE-2024-40902Jul 12, 2024
    affected < 3.0.101-108.165.1fixed 3.0.101-108.165.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than t

  • CVE-2023-52340Jul 5, 2024
    affected < 3.0.101-108.153.1fixed 3.0.101-108.153.1

    The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

  • CVE-2016-20022HigJun 27, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier.

  • CVE-2021-4439Jun 20, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->ta

  • CVE-2021-47600Jun 19, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec().

  • CVE-2021-47589Jun 19, 2024
    affected < 3.0.101-108.168.1fixed 3.0.101-108.168.1

    In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if register_netdev() fails, the program will go to label err_hw_init, and then to label err_ioremap. In free_netdev() which is just below label err_iore

  • CVE-2021-47580Jun 19, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the values get sign extended and the larger va

  • CVE-2024-38599HigJun 19, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the x

  • CVE-2024-38538Jun 19, 2024
    affected < 3.0.101-108.165.1fixed 3.0.101-108.165.1

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we

  • CVE-2024-36964Jun 3, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent s

  • CVE-2023-52881May 29, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The

  • CVE-2023-52880May 24, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM

  • CVE-2021-47520May 24, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call n

  • CVE-2021-47511May 24, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes only the positive values and handle them with size_

  • CVE-2021-47485May 22, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields Overflowing either addrlimit or bytes_togo can allow userspace to trigger a buffer overflow of kernel memory. Check for overflows in all t

  • CVE-2023-52752May 21, 2024
    affected < 3.0.101-108.159.1fixed 3.0.101-108.159.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show() to avoid use-after-free in @

  • CVE-2021-47391May 21, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests The FSM can run in a circle allowing rdma_resolve_ip() to be called twice on the same id_priv. While this cannot happen without going thr

  • CVE-2021-47383May 21, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bi

  • CVE-2021-47347May 21, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size.

  • CVE-2021-47324May 21, 2024
    affected < 3.0.101-108.156.1fixed 3.0.101-108.156.1

    In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may s

Page 6 of 14