rpm package
opensuse/kernel-default-base&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5
Vulnerabilities (1,895)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27015 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mism | ||
| CVE-2024-27014 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if | ||
| CVE-2024-27011 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor | ||
| CVE-2024-27010 | — | < 5.14.21-150500.55.80.2.150500.6.35.6 | 5.14.21-150500.55.80.2.150500.6.35.6 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [..... | ||
| CVE-2024-27008 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) | ||
| CVE-2024-27001 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some things can fall through the cracks. Depending on the hardware model, URBs can have either bulk or in | ||
| CVE-2024-27000 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the B | ||
| CVE-2024-26999 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're | ||
| CVE-2024-26997 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow. | ||
| CVE-2024-26996 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t | ||
| CVE-2024-26994 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters), we have to stop before the length of the word buffer. | ||
| CVE-2024-26989 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access MEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI when boot | ||
| CVE-2024-26984 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad | ||
| CVE-2024-26981 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfs_set_de_type The size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is defined as "S_IFMT >> S_SHIFT", but the nilfs_set_de_type() function, which uses this array, specifie | ||
| CVE-2024-26977 | — | < 5.14.21-150500.55.68.1.150500.6.31.1 | 5.14.21-150500.55.68.1.150500.6.31.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: pci_iounmap(): Fix MMIO mapping leak The #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(), which means MMIO mappings are leaked. Move the guard so we call iounmap() for MMIO mappings. | ||
| CVE-2024-26976 | — | < 5.14.21-150500.55.73.1.150500.6.33.8 | 5.14.21-150500.55.73.1.150500.6.33.8 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed | ||
| CVE-2024-26970 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in o | ||
| CVE-2024-26969 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in o | ||
| CVE-2024-26966 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in | ||
| CVE-2024-26965 | — | < 5.14.21-150500.55.62.2.150500.6.27.2 | 5.14.21-150500.55.62.2.150500.6.27.2 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in |
- CVE-2024-27015May 1, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mism
- CVE-2024-27014May 1, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if
- CVE-2024-27011May 1, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor
- CVE-2024-27010May 1, 2024affected < 5.14.21-150500.55.80.2.150500.6.35.6fixed 5.14.21-150500.55.80.2.150500.6.35.6
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [.....
- CVE-2024-27008May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or)
- CVE-2024-27001May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some things can fall through the cracks. Depending on the hardware model, URBs can have either bulk or in
- CVE-2024-27000May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the B
- CVE-2024-26999May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're
- CVE-2024-26997May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow.
- CVE-2024-26996May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t
- CVE-2024-26994May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters), we have to stop before the length of the word buffer.
- CVE-2024-26989May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save() On arm64 machines, swsusp_save() faults if it attempts to access MEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI when boot
- CVE-2024-26984May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad
- CVE-2024-26981May 1, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfs_set_de_type The size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is defined as "S_IFMT >> S_SHIFT", but the nilfs_set_de_type() function, which uses this array, specifie
- CVE-2024-26977May 1, 2024affected < 5.14.21-150500.55.68.1.150500.6.31.1fixed 5.14.21-150500.55.68.1.150500.6.31.1
In the Linux kernel, the following vulnerability has been resolved: pci_iounmap(): Fix MMIO mapping leak The #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(), which means MMIO mappings are leaked. Move the guard so we call iounmap() for MMIO mappings.
- CVE-2024-26976May 1, 2024affected < 5.14.21-150500.55.73.1.150500.6.33.8fixed 5.14.21-150500.55.73.1.150500.6.33.8
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed
- CVE-2024-26970May 1, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in o
- CVE-2024-26969May 1, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in o
- CVE-2024-26966May 1, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in
- CVE-2024-26965May 1, 2024affected < 5.14.21-150500.55.62.2.150500.6.27.2fixed 5.14.21-150500.55.62.2.150500.6.27.2
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in
Page 63 of 95