VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2024-50022Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in dax_set_mapping() pgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise, vmf->address not aligned to fault_size will be aligned to the next alignment, that

  • CVE-2024-50021Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() This patch addresses a reference count handling issue in the ice_dpll_init_rclk_pins() function. The function calls ice_dpll_get_pins(), which

  • CVE-2024-50020Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() This patch addresses an issue with improper reference count handling in the ice_sriov_set_msix_vec_count() function. First, the function

  • CVE-2024-50019Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASK_P

  • CVE-2024-50015MedOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by use

  • CVE-2024-50012MedOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parse_perf_domain function, if the call to of_parse_phandle_with_args returns an error, then the reference to the CPU device node that was acquired at the

  • CVE-2024-50010MedOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got

  • CVE-2024-50008MedOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`. With this, fix the foll

  • CVE-2024-50007HigOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This pa

  • CVE-2024-50006MedOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates

  • CVE-2024-50017Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the

  • CVE-2024-50014Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to

  • CVE-2024-50013Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry, 'bh' will not be released and reassigned, which will cause a memory leak.

  • CVE-2024-50011Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an e

  • CVE-2024-50009Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return in case of error. Found by Linux Verification Center (linuxtesti

  • CVE-2024-50005Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: mac802154: Fix potential RCU dereference issue in mac802154_scan_worker In the `mac802154_scan_worker` function, the `scan_req->type` field was accessed after the RCU read-side critical section was unlocked. Ac

  • CVE-2024-50004Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 [WHY & HOW] Mismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause grey screen and system h

  • CVE-2024-50003Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix system hang while resume with TBT monitor [Why] Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during t

  • CVE-2024-50001MedOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This cou

  • CVE-2024-49997HigOct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto()

Page 46 of 72