rpm package
opensuse/kernel-source&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6
Vulnerabilities (4,148)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26611 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256] | ||
| CVE-2023-52489 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA | ||
| CVE-2023-52472 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in | ||
| CVE-2024-26601 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod | ||
| CVE-2024-26596 | Med | 5.5 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy | |
| CVE-2023-52458 | Med | 5.5 | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th | |
| CVE-2024-26590 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Feb 22, 2024 | In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initiali | ||
| CVE-2024-26482 | — | < 6.4.0-150600.23.14.2 | 6.4.0-150600.23.14.2 | Feb 22, 2024 | An HTML injection vulnerability exists in the Edit Content Layout module of Kirby CMS v4.1.0. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is backend sanitization such that the reporter's | ||
| CVE-2024-26584 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | ||
| CVE-2023-52435 | — | < 6.4.0-150600.23.17.1 | 6.4.0-150600.23.17.1 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computation in skb_segment() can | ||
| CVE-2023-52434 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create cont | ||
| CVE-2024-25739 | Med | 5.5 | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 12, 2024 | create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |
| CVE-2024-25741 | — | < 6.4.0-150600.23.17.1 | 6.4.0-150600.23.17.1 | Feb 12, 2024 | printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact. | ||
| CVE-2024-24861 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Feb 5, 2024 | A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue. | ||
| CVE-2024-22099 | Med | 6.3 | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Jan 25, 2024 | NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2. | |
| CVE-2024-23848 | Med | 5.5 | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Jan 23, 2024 | In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. | |
| CVE-2023-39197 | — | < 6.4.0-150600.23.73.1 | 6.4.0-150600.23.73.1 | Jan 23, 2024 | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | ||
| CVE-2024-0639 | — | < 6.4.0-150600.23.7.2 | 6.4.0-150600.23.7.2 | Jan 17, 2024 | A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. | ||
| CVE-2023-6270 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Jan 4, 2024 | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob | ||
| CVE-2023-51780 | — | < 6.4.0-150600.23.17.1 | 6.4.0-150600.23.17.1 | Dec 25, 2023 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. |
- CVE-2024-26611Feb 29, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256]
- CVE-2023-52489Feb 29, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA
- CVE-2023-52472Feb 25, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in
- CVE-2024-26601Feb 24, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundant mb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based on cod
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the sy
- affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th
- CVE-2024-26590Feb 22, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initiali
- CVE-2024-26482Feb 22, 2024affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2
An HTML injection vulnerability exists in the Edit Content Layout module of Kirby CMS v4.1.0. NOTE: the vendor disputes the significance of this report because some HTML formatting (such as with an H1 element) is allowed, but there is backend sanitization such that the reporter's
- CVE-2024-26584Feb 21, 2024affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- CVE-2023-52435Feb 20, 2024affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1
In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the kernel in skb_segment() [1] GSO_BY_FRAGS is a forbidden value, but unfortunately the following computation in skb_segment() can
- CVE-2023-52434Feb 20, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). This fixes following oops when accessing invalid create cont
- affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
- CVE-2024-25741Feb 12, 2024affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1
printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.
- CVE-2024-24861Feb 5, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.
- affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.
- affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
- CVE-2023-39197Jan 23, 2024affected < 6.4.0-150600.23.73.1fixed 6.4.0-150600.23.73.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
- CVE-2024-0639Jan 17, 2024affected < 6.4.0-150600.23.7.2fixed 6.4.0-150600.23.7.2
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.
- CVE-2023-6270Jan 4, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` glob
- CVE-2023-51780Dec 25, 2023affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
Page 207 of 208