rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50135 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we cou | ||
| CVE-2024-50133 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If such a task ever ends up calling stack_top(), it will derefence the NULL vdso poi | ||
| CVE-2024-50132 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing/probes: Fix MAX_TRACE_ARGS limit handling When creating a trace_probe we would set nr_args prior to truncating the arguments to MAX_TRACE_ARGS. However, we would only initialize arguments up to the limi | ||
| CVE-2024-50130 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bpf_nf_link_release+0xda/0x | ||
| CVE-2024-50129 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev->nr_lines since we allocate exactly pcde | ||
| CVE-2024-50128 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as | ||
| CVE-2024-50126 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6 | ||
| CVE-2024-50125 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list. | ||
| CVE-2024-50124 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list. | ||
| CVE-2024-50123 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap link fd. Fix it by adding the missing BPF_LINK_TYPE invocation for sockmap link | ||
| CVE-2024-50122 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe fu | ||
| CVE-2024-50119 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifs_io_request_pool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0 RIP: 0010:free_large_kmalloc+0xac/0xe0 Call Trace: <T | ||
| CVE-2024-50118 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: reject ro->rw reconfiguration if there are hard ro requirements [BUG] Syzbot reports the following crash: BTRFS info (device loop0 state MCS): disabling free space tree BTRFS info (device loop0 stat | ||
| CVE-2024-50117 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpst | ||
| CVE-2024-50116 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in | ||
| CVE-2024-50115 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc | ||
| CVE-2024-50114 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvm_put_kvm+0x300/ | ||
| CVE-2024-50113 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self ID sequence"), the enumeration over self ID sequence was refactored with some he | ||
| CVE-2024-50112 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a weakness related to transient execution as described in the SLAM paper[1]. Unless Linear Address Space Separation (LASS) is enab | ||
| CVE-2024-50111 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case do_ale() may call get_user() which may cause |
- CVE-2024-50135Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we cou
- CVE-2024-50133Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If such a task ever ends up calling stack_top(), it will derefence the NULL vdso poi
- CVE-2024-50132Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: Fix MAX_TRACE_ARGS limit handling When creating a trace_probe we would set nr_args prior to truncating the arguments to MAX_TRACE_ARGS. However, we would only initialize arguments up to the limi
- CVE-2024-50130Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bpf_nf_link_release+0xda/0x
- CVE-2024-50129Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev->nr_lines since we allocate exactly pcde
- CVE-2024-50128Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as
- CVE-2024-50126Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6
- CVE-2024-50125Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.
- CVE-2024-50124Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.
- CVE-2024-50123Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap link fd. Fix it by adding the missing BPF_LINK_TYPE invocation for sockmap link
- CVE-2024-50122Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe fu
- CVE-2024-50119Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifs_io_request_pool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0 RIP: 0010:free_large_kmalloc+0xac/0xe0 Call Trace: <T
- CVE-2024-50118Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject ro->rw reconfiguration if there are hard ro requirements [BUG] Syzbot reports the following crash: BTRFS info (device loop0 state MCS): disabling free space tree BTRFS info (device loop0 stat
- CVE-2024-50117Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpst
- CVE-2024-50116Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in
- CVE-2024-50115Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc
- CVE-2024-50114Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvm_put_kvm+0x300/
- CVE-2024-50113Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self ID sequence"), the enumeration over self ID sequence was refactored with some he
- CVE-2024-50112Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a weakness related to transient execution as described in the SLAM paper[1]. Unless Linear Address Space Separation (LASS) is enab
- CVE-2024-50111Nov 5, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case do_ale() may call get_user() which may cause
Page 41 of 72