rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50055 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the | ||
| CVE-2024-50049 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fix | ||
| CVE-2024-50048 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection t | ||
| CVE-2024-50047 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt | ||
| CVE-2024-50043 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4_f | ||
| CVE-2024-50042 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 > /sys/bus/pci/devices/$PF | ||
| CVE-2024-50041 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple | ||
| CVE-2024-50038 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_tab | ||
| CVE-2024-50037 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only cleanup deferred I/O if necessary Commit 5a498d4d06d6 ("drm/fbdev-dma: Only install deferred I/O if necessary") initializes deferred I/O only if it is used. drm_fbdev_dma_fb_destroy() howeve | ||
| CVE-2024-50036 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: do not delay dst_entries_add() in dst_release() dst_entries_add() uses per-cpu data that might be freed at netns dismantle from ip6_route_net_exit() calling dst_entries_destroy() Before ip6_route_net_exit | ||
| CVE-2024-50034 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC Eric report a panic on IPPROTO_SMC, and give the facts that when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel | ||
| CVE-2024-50031 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to ha | ||
| CVE-2024-50030 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/ct: prevent UAF in send_recv() Ensure we serialize with completion side to prevent UAF with fence going out of scope on the stack, since we have no clue if it will fire after the timeout before we can er | ||
| CVE-2024-50029 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed while hci_enhanced_setup_sync is pending on cmd_sync leading to the following tra | ||
| CVE-2024-50028 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermal_zone_get_by_id() There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has | ||
| CVE-2024-50027 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Free tzp copy along with the thermal zone The object pointed to by tz->tzp may still be accessed after being freed in thermal_zone_device_unregister(), so move the freeing of it to the point afte | ||
| CVE-2024-50026 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr() | ||
| CVE-2024-50025 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flush_work initialization out of if block After commit 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue"), it can happen that a work item is sent to an uninitialized work qu | ||
| CVE-2024-50024 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 [#1] ... NIP [c000000000c080 | ||
| CVE-2024-50023 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb ("net: phy: Manual remove LEDs to ensure correct ordering") correctly fixed a problem with using devm_ but missed removing the LED ent |
- CVE-2024-50055Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the
- CVE-2024-50049Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fix
- CVE-2024-50048Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection t
- CVE-2024-50047Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt
- CVE-2024-50043Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4_f
- CVE-2024-50042Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 > /sys/bus/pci/devices/$PF
- CVE-2024-50041Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple
- CVE-2024-50038Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_tab
- CVE-2024-50037Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only cleanup deferred I/O if necessary Commit 5a498d4d06d6 ("drm/fbdev-dma: Only install deferred I/O if necessary") initializes deferred I/O only if it is used. drm_fbdev_dma_fb_destroy() howeve
- CVE-2024-50036Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net: do not delay dst_entries_add() in dst_release() dst_entries_add() uses per-cpu data that might be freed at netns dismantle from ip6_route_net_exit() calling dst_entries_destroy() Before ip6_route_net_exit
- CVE-2024-50034Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC Eric report a panic on IPPROTO_SMC, and give the facts that when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel
- CVE-2024-50031Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to ha
- CVE-2024-50030Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/xe/ct: prevent UAF in send_recv() Ensure we serialize with completion side to prevent UAF with fence going out of scope on the stack, since we have no clue if it will fire after the timeout before we can er
- CVE-2024-50029Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed while hci_enhanced_setup_sync is pending on cmd_sync leading to the following tra
- CVE-2024-50028Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermal_zone_get_by_id() There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has
- CVE-2024-50027Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Free tzp copy along with the thermal zone The object pointed to by tz->tzp may still be accessed after being freed in thermal_zone_device_unregister(), so move the freeing of it to the point afte
- CVE-2024-50026Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr()
- CVE-2024-50025Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flush_work initialization out of if block After commit 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue"), it can happen that a work item is sent to an uninitialized work qu
- CVE-2024-50024Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 [#1] ... NIP [c000000000c080
- CVE-2024-50023Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb ("net: phy: Manual remove LEDs to ensure correct ordering") correctly fixed a problem with using devm_ but missed removing the LED ent
Page 45 of 72