CVE-2021-47412 block: don't call rq_qos_ops->done_bio if the bio isn't tracked

In the Linux kernel, the following vulnerability has been resolved: block: don't call rqqosops-donebio if the bio isn't tracked rqqos framework is only applied on request based driver, so: 1 rqqosdonebio needn't to be called for bio based driver 2 rqqosdonebio needn't to be called for bio which...

CVE-2021-47412

CVE-2021-47412 (Linux kernel) : The vulnerability arises when a bio is not tracked and the rq_qos_ops->done_bio call is inappropriately invoked, risking a kernel panic. The fix stops calling done_bio for bios that aren’t tracked (and for bio-based drivers where rq_qos_done_bio() isn’t needed)....

CVE-2021-47412

In the Linux kernel, the following vulnerability has been resolved: block: don't call rqqosops-donebio if the bio isn't tracked rqqos framework is only applied on request based driver, so: 1 rqqosdonebio needn't to be called for bio based driver 2 rqqosdonebio needn't to be called for bio which...

CVE-2021-47344

In the Linux kernel, the following vulnerability has been resolved: media: zr364xx: fix memory leak in zr364xxstartreadpipe syzbot reported memory leak in zr364xx driver. The problem was in non-freed urb in case of usbsubmiturb fail. backtrace: kmalloc include/linux/slab.h:561 inline...

CVE-2021-47275 bcache: avoid oversized read request in cache missing code path

In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cacheddevcachemiss will b...

CVE-2021-47272 usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...

CVE-2021-47266 RDMA/ipoib: Fix warning caused by destroying non-initial netns

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 "RDMA/ipoib: Set rtnllinkops for ipoib interfaces", if the IPoIB device is moved to non-initial netns, destroying that netns lets the...

CVE-2021-47266

CVE-2021-47266 affects the Linux kernel’s RDMA/IPOIB path. After a change that sets rtnl_link_ops for ipoib interfaces, moving an IPoIB device to a non-initial netns can cause the device to disappear when the owning netns is deleted, due to default_device_exit() skipping interfaces with rtnl_link...

CVE-2021-47266 RDMA/ipoib: Fix warning caused by destroying non-initial netns

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 "RDMA/ipoib: Set rtnllinkops for ipoib interfaces", if the IPoIB device is moved to non-initial netns, destroying that netns lets the...

CVE-2021-47261 IB/mlx5: Fix initializing CQ fragments buffer

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...

CVE-2021-47261 IB/mlx5: Fix initializing CQ fragments buffer

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...

CVE-2021-47256 mm/memory-failure: make sure wait for page writeback in memory_failure

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memoryfailure Our syzkaller trigger the "BUGON!listempty&inode-iwblist" in clearinode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 1 SMP Modules linked in:...

CVE-2021-47250 net: ipv4: fix memory leak in netlbl_cipsov4_add_std

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 size 64: comm "syz-executor842", pid 360, jiffies 4294824824 age 22.546s hex dump first 32 bytes: 00...

CVE-2021-47229 PCI: aardvark: Fix kernel panic during PIO transfer

In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not yet completed which is indicated by value 1 in PIOSTART causes an...

CVE-2021-47229 PCI: aardvark: Fix kernel panic during PIO transfer

In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not yet completed which is indicated by value 1 in PIOSTART causes an...

CVE-2021-47229

In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not yet completed which is indicated by value 1 in PIOSTART causes an...

CVE-2021-47229

CVE-2021-47229 concerns the Linux kernel PCI aardvark driver. A kernel panic could occur when a new PIO transfer is started before the previous one finished; the kernel will issue an External Abort/SSeror interrupt leading to a reboot. The root cause analysis noted a previously added Trusted Firm...

CVE-2021-47220

...

SUSE CVE-2024-35785

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix kernel panic caused by incorrect error handling The error path while failing to register devices on the TEE bus has a bug leading to kernel panic as follows: 15.398930 Unable to handle kernel paging request at...

SUSE CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...