Details
-
Improvement
-
Resolution: Won't Fix
-
Minor
-
Lustre 2.16.0, Lustre 2.15.5
-
None
-
3
-
9223372036854775807
Description
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
- CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
- CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478). - CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443). - CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482). - CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
- CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486). - CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46934: Fixed a bug by validating user data in compat ioctl
(bsc#1220469). - CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
- CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
- CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek:
(bsc#1220917). - CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
- CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959). - CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978). - CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
- CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
- CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981). - CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982). - CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983). - CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955). - CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009). - CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960). - CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
- CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
- CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986). - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635). - CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366). - CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer
(bsc#1220845). - CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848).
- CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
- CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990). - CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657). - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514). - CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem
that could lead to potential information disclosure or a denial of service
(bsc#1215221). - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround
(bsc#1220251). - CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237). - CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320). - CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer
(bsc#1220325). - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
- CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register
(bsc#1220433). - CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411). - CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445). - CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703). - CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790). - CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520
(bsc#1220887). - CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors
(bsc#1220735). - CVE-2023-52484: Fixed a soft lockup triggered by
arm_smmu_mm_invalidate_range (bsc#1220797). - CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276). - CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
- CVE-2023-52494: Fixed missing alignment check for event ring read pointer in
bus/mhi/host (bsc#1221273). - CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
- CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). - CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885). - CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831). - CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553). - CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
- CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015). - CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836). - CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
- CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
- CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055). - CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
- CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920). - CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921). - CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926). - CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840). - CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843). - CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
- CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211
(bsc#1220930). - CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931).
- CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
- CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend
(bsc#1220933). - CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson
(bsc#1220937). - CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938). - CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940). - CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839). - CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918). - CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871). - CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872). - CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058). - CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044). - CVE-2023-52594: Fixed potential array-index-out-of-bounds read in
ath9k_htc_txstatus() (bsc#1221045). - CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace
(bsc#1221060). - CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs
(bsc#1221062). - CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
- CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs
(bsc#1221068). - CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs
(bsc#1221070). - CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot()
(bsc#1221066). - CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree()
(bsc#1221067). - CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
- CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib
(bsc#1221069). - CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add
kasprintf() (bsc#1221061). - CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi
(bsc#1221375). - CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp
(bsc#1221616). - CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
- CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove
(bsc#1221613). - CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd
number in pstore/ram (bsc#1221618). - CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
- CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd
(bsc#1222274). - CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939
(bsc#1222291). - CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed
(bsc#1222300). - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989). - CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). - CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479). - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super
function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170). - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169). - CVE-2024-25739: Fixed possible crash in create_empty_lvol() in
drivers/mtd/ubi/vtbl.c (bsc#1219834). - CVE-2024-25742: Fixed insufficient validation during #VC instruction
emulation in x86/sev (bsc#1221725). - CVE-2024-25743: Fixed insufficient validation during #VC instruction
emulation in x86/sev (bsc#1221725). - CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate()
(bsc#1220365). - CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340). - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
- CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
- CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences
(bsc#1221291). - CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293). - CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap
(bsc#1221298). - CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
- CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in
nfsd (bsc#1221379). - CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830). - CVE-2024-26645: Fixed missing visibility when inserting an element into
tracing_map (bsc#1222056). - CVE-2024-26646: Fixed potential memory corruption when resuming from suspend
or hibernation in thermal/intel/hfi (bsc#1222070). - CVE-2024-26651: Fixed possible oops via malicious devices in sr9800
(bsc#1221337). - CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
- CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun
events in xhci (bsc#1222317). - CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in
hwmon coretemp (bsc#1222355). - CVE-2024-26667: Fixed null pointer reference in
dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). - CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in
kernel arm64 (bsc#1222356). - CVE-2024-26695: Fixed null pointer dereference in
__sev_platform_shutdown_locked in crypto ccp (bsc#1222373). - CVE-2024-26717: Fixed null pointer dereference on failed power up in HID
i2c-hid-of (bsc#1222360).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2024-April/018444.html