rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-49907 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using dc->clk_mgr [WHY & HOW] dc->clk_mgr is null checked previously in the same function, indicating it might be null. Passing "dc" to "dc->hwss.apply_idle_power_op | ||
| CVE-2024-49906 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before try to access it [why & how] Change the order of the pipe_ctx->plane_state check to ensure that plane_state is not null before accessing it. | ||
| CVE-2024-49905 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) This commit adds a null check for the 'afb' variable in the amdgpu_dm_plane_handle_cursor_update function. Previously, 'afb | ||
| CVE-2024-49904 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cases. - list_for_each_entry_safe() | ||
| CVE-2024-49901 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 ("drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails") wh | ||
| CVE-2024-49899 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominators' default to 1 [WHAT & HOW] Variables used as denominators and maybe not assigned to other values, should not be 0. Change their default to 1 so they are never 0. This f | ||
| CVE-2024-49898 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferenci | ||
| CVE-2024-49897 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. This fixes 1 NULL_RETURNS issue reported by Coverity. | ||
| CVE-2024-49896 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them [WHAT & HOW] amdgpu_dm can pass a null stream to dc_is_stream_unchanged. It is necessary to check for null before dereferencing them. This fixes 1 FORWARD_NU | ||
| CVE-2024-49895 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_degamma_hw_format` functio | ||
| CVE-2024-49893 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream_status before it is used [WHAT & HOW] dc_state_get_stream_status can return null, and therefore null must be checked before stream_status is used. This fixes 1 NULL_RETURNS issue | ||
| CVE-2024-49891 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfc_s | ||
| CVE-2024-49888 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error: Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI The failure is due to the | ||
| CVE-2024-49887 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault injection syzbot reports a f2fs bug as below: F2FS-fs (loop0): inject no free segm | ||
| CVE-2024-49886 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds". kasan report: [ 19.411889] ============================================= | ||
| CVE-2024-49885 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc space than requested"), setting orig_size treats the wasted space (object_size - orig | ||
| CVE-2024-49881 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path to NULL. But after reallocating and successfully initializing the path, we don't | ||
| CVE-2024-49880 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ================================================================== EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks ------- | ||
| CVE-2024-49879 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for alloc_ordered_workqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of alloc_ordered_workqueue. | ||
| CVE-2024-49878 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) related to CXL memory may look like something as follows. 490000000-50fffffff : CXL |
- CVE-2024-49907Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using dc->clk_mgr [WHY & HOW] dc->clk_mgr is null checked previously in the same function, indicating it might be null. Passing "dc" to "dc->hwss.apply_idle_power_op
- CVE-2024-49906Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before try to access it [why & how] Change the order of the pipe_ctx->plane_state check to ensure that plane_state is not null before accessing it.
- CVE-2024-49905Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) This commit adds a null check for the 'afb' variable in the amdgpu_dm_plane_handle_cursor_update function. Previously, 'afb
- CVE-2024-49904Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cases. - list_for_each_entry_safe()
- CVE-2024-49901Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 ("drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails") wh
- CVE-2024-49899Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominators' default to 1 [WHAT & HOW] Variables used as denominators and maybe not assigned to other values, should not be 0. Change their default to 1 so they are never 0. This f
- CVE-2024-49898Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferenci
- CVE-2024-49897Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. This fixes 1 NULL_RETURNS issue reported by Coverity.
- CVE-2024-49896Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them [WHAT & HOW] amdgpu_dm can pass a null stream to dc_is_stream_unchanged. It is necessary to check for null before dereferencing them. This fixes 1 FORWARD_NU
- CVE-2024-49895Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_degamma_hw_format` functio
- CVE-2024-49893Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream_status before it is used [WHAT & HOW] dc_state_get_stream_status can return null, and therefore null must be checked before stream_status is used. This fixes 1 NULL_RETURNS issue
- CVE-2024-49891Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfc_s
- CVE-2024-49888Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error: Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI The failure is due to the
- CVE-2024-49887Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault injection syzbot reports a f2fs bug as below: F2FS-fs (loop0): inject no free segm
- CVE-2024-49886Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds". kasan report: [ 19.411889] =============================================
- CVE-2024-49885Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc space than requested"), setting orig_size treats the wasted space (object_size - orig
- CVE-2024-49881Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path to NULL. But after reallocating and successfully initializing the path, we don't
- CVE-2024-49880Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ================================================================== EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks -------
- CVE-2024-49879Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for alloc_ordered_workqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of alloc_ordered_workqueue.
- CVE-2024-49878Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) related to CXL memory may look like something as follows. 490000000-50fffffff : CXL
Page 52 of 72