rpm package
opensuse/kernel-source&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
Vulnerabilities (1,435)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-47682 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bound | ||
| CVE-2024-47681 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 driver. Found by code review. | ||
| CVE-2024-47680 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bde | ||
| CVE-2024-47679 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i | ||
| CVE-2024-47678 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destinatio | ||
| CVE-2024-47677 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates mor | ||
| CVE-2024-47676 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before h | ||
| CVE-2024-47675 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_un | ||
| CVE-2024-47671 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Oct 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields. | ||
| CVE-2024-46869 | — | < 6.11.8-1.1 | 6.11.8-1.1 | Sep 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data. | ||
| CVE-2024-26865 | — | < 6.8.9-1.1 | 6.8.9-1.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and another ref tracker warning [1]. syzkaller could not find a repro | ||
| CVE-2024-26862 | — | < 6.8.9-1.1 | 6.8.9-1.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: | ||
| CVE-2023-28746 | Med | 6.5 | < 6.8.1-1.1 | 6.8.1-1.1 | Mar 14, 2024 | Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2024-26605 | — | < 6.7.9-1.1 | 6.7.9-1.1 | Feb 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep: ============== | ||
| CVE-2023-52461 | — | < 6.7.9-1.1 | 6.7.9-1.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drm_sched_entity_init()--shouldn't happen, but we verify--with out-of-bounds priority value, we set it to an all | ||
| CVE-2023-52459 | — | < 6.7.9-1.1 | 6.7.9-1.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second list_del() call results in either a warning (wi | ||
| CVE-2023-52457 | — | < 6.7.9-1.1 | 6.7.9-1.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return | ||
| CVE-2023-52456 | — | < 6.7.9-1.1 | 6.7.9-1.1 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th | ||
| CVE-2023-52429 | — | < 6.7.5-1.1 | 6.7.5-1.1 | Feb 12, 2024 | dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | ||
| CVE-2023-6536 | — | < 6.7.4-1.1 | 6.7.4-1.1 | Feb 7, 2024 | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial |
- CVE-2024-47682Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bound
- CVE-2024-47681Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 driver. Found by code review.
- CVE-2024-47680Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bde
- CVE-2024-47679Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i
- CVE-2024-47678Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destinatio
- CVE-2024-47677Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates mor
- CVE-2024-47676Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before h
- CVE-2024-47675Oct 21, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_un
- CVE-2024-47671Oct 9, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields.
- CVE-2024-46869Sep 30, 2024affected < 6.11.8-1.1fixed 6.11.8-1.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data.
- CVE-2024-26865Apr 17, 2024affected < 6.8.9-1.1fixed 6.8.9-1.1
In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and another ref tracker warning [1]. syzkaller could not find a repro
- CVE-2024-26862Apr 17, 2024affected < 6.8.9-1.1fixed 6.8.9-1.1
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported:
- affected < 6.8.1-1.1fixed 6.8.1-1.1
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2024-26605Feb 24, 2024affected < 6.7.9-1.1fixed 6.7.9-1.1
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep: ==============
- CVE-2023-52461Feb 23, 2024affected < 6.7.9-1.1fixed 6.7.9-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drm_sched_entity_init()--shouldn't happen, but we verify--with out-of-bounds priority value, we set it to an all
- CVE-2023-52459Feb 23, 2024affected < 6.7.9-1.1fixed 6.7.9-1.1
In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second list_del() call results in either a warning (wi
- CVE-2023-52457Feb 23, 2024affected < 6.7.9-1.1fixed 6.7.9-1.1
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return
- CVE-2023-52456Feb 23, 2024affected < 6.7.9-1.1fixed 6.7.9-1.1
In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th
- CVE-2023-52429Feb 12, 2024affected < 6.7.5-1.1fixed 6.7.5-1.1
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
- CVE-2023-6536Feb 7, 2024affected < 6.7.4-1.1fixed 6.7.4-1.1
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial
Page 58 of 72