VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2024-47682Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bound

  • CVE-2024-47681Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 driver. Found by code review.

  • CVE-2024-47680Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bde

  • CVE-2024-47679Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i

  • CVE-2024-47678Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destinatio

  • CVE-2024-47677Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates mor

  • CVE-2024-47676Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before h

  • CVE-2024-47675Oct 21, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_un

  • CVE-2024-47671Oct 9, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields.

  • CVE-2024-46869Sep 30, 2024
    affected < 6.11.8-1.1fixed 6.11.8-1.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data.

  • CVE-2024-26865Apr 17, 2024
    affected < 6.8.9-1.1fixed 6.8.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and another ref tracker warning [1]. syzkaller could not find a repro

  • CVE-2024-26862Apr 17, 2024
    affected < 6.8.9-1.1fixed 6.8.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported:

  • CVE-2023-28746MedMar 14, 2024
    affected < 6.8.1-1.1fixed 6.8.1-1.1

    Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2024-26605Feb 24, 2024
    affected < 6.7.9-1.1fixed 6.7.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock when enabling ASPM during probe of Qualcomm PCIe controllers as reported by lockdep: ==============

  • CVE-2023-52461Feb 23, 2024
    affected < 6.7.9-1.1fixed 6.7.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drm_sched_entity_init()--shouldn't happen, but we verify--with out-of-bounds priority value, we set it to an all

  • CVE-2023-52459Feb 23, 2024
    affected < 6.7.9-1.1fixed 6.7.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second list_del() call results in either a warning (wi

  • CVE-2023-52457Feb 23, 2024
    affected < 6.7.9-1.1fixed 6.7.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return

  • CVE-2023-52456Feb 23, 2024
    affected < 6.7.9-1.1fixed 6.7.9-1.1

    In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th

  • CVE-2023-52429Feb 12, 2024
    affected < 6.7.5-1.1fixed 6.7.5-1.1

    dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.

  • CVE-2023-6536Feb 7, 2024
    affected < 6.7.4-1.1fixed 6.7.4-1.1

    A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial

Page 58 of 72