VYPR

rpm package

opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed

Vulnerabilities (694)

  • CVE-2024-50117Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpst

  • CVE-2024-50116Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in

  • CVE-2024-50115Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforc

  • CVE-2024-50114Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvm_put_kvm+0x300/

  • CVE-2024-50113Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self ID sequence"), the enumeration over self ID sequence was refactored with some he

  • CVE-2024-50112Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a weakness related to transient execution as described in the SLAM paper[1]. Unless Linear Address Space Separation (LASS) is enab

  • CVE-2024-50111Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case do_ale() may call get_user() which may cause

  • CVE-2024-50110Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30 _copy_to_iter+0x598/0x2a30 __skb_datagram

  • CVE-2024-50109Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is set to zero, and if following procedures failed raid10_run() will return zero while

  • CVE-2024-50108Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING [1] traces w

  • CVE-2024-50107Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounmap() address range checks") introduces a WARN when adrress ranges of iounmap are

  • CVE-2024-50106Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has exp

  • CVE-2024-50105Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc to soundcards") moved the allocation of Soundwire stream runtime from the Qua

  • CVE-2024-50104Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from the Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845 soundcard

  • CVE-2024-50103Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could possibly return NULL pointer. NULL Pointer Dereference may be triggerred w

  • CVE-2024-50102Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether

  • CVE-2024-50101Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices Previously, the domain_context_clear() function incorrectly called pci_for_each_dma_alias() to set up context entries for non-PCI devices.

  • CVE-2024-50100Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy-hcd driver was changed to use hrtimers instead of regular timers. It turns out

  • CVE-2024-50099Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR (literal) uprobe support The simulate_ldr_literal() and simulate_ldrsw_literal() functions are unsafe to use for uprobes. Both functions were originally written for use with kpr

  • CVE-2024-50098Nov 5, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEV_QUIESCE was set for all LU's scsi_devices by UFS shutdown, and at

Page 18 of 35