VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2024-50150HigNov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent an

  • CVE-2024-50148MedNov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G

  • CVE-2024-50142MedNov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a ("xfrm: Validate address prefix lengths in the xfrm selector.") syzbot c

  • CVE-2024-50172Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the memory allocated for "rdev->chip_ctx".

  • CVE-2024-50171Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it.

  • CVE-2024-50170Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix potential memory leak in bcmasp_xmit() The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it.

  • CVE-2024-50168Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it.

  • CVE-2024-50167Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in be_xmit() The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.

  • CVE-2024-50166Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes references to of_dev->dev. Not all refer

  • CVE-2024-50165Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param->string will be leak

  • CVE-2024-50164Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overloading of MEM_UNINIT's meaning Lonial reported an issue in the BPF verifier where check_mem_size_reg() has the following code: if (!tnum_is_const(reg->var_off)) /* For unprivileged va

  • CVE-2024-50163Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap The bpf_redirect_info is shared between the SKB and XDP redirect paths, and the two paths use the same numeric flag values in the ri->flags fiel

  • CVE-2024-50162Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPF_MAP_TYPE_DEVMAP* does not hav

  • CVE-2024-50161Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining info_cnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining info_cnt. The following splat will be reported when

  • CVE-2024-50160Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs8409: Fix possible NULL dereference If snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then NULL pointer dereference will occur in the next line. Since dolphin_fixups function is a

  • CVE-2024-50159Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Clang static checker(scan-build) throws below warning: | drivers/firmware/arm_scmi/driver.c:line 2915, column 2 | Attempt to fr

  • CVE-2024-50158Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats, driver has a check for "rdev->dbr_pacing". This caused a trace when KASAN is

  • CVE-2024-50157Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop Driver waits indefinitely for the fifo occupancy to go below a threshold as soon as the pacing interrupt is received. This can cause soft lockup on

  • CVE-2024-50156Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() If the allocation in msm_disp_state_dump_regs() failed then `block->state` can be NULL. The msm_disp_state_print_regs() function _does_ have code t

  • CVE-2024-50155Nov 7, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: netdevsim: use cond_resched() in nsim_dev_trap_report_work() I am still seeing many syzbot reports hinting that syzbot might fool nsim_dev_trap_report_work() with hundreds of ports [1] Lets use cond_resched(),

Page 39 of 72