rpm package
opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed
Vulnerabilities (694)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50075 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are shared between all Virtual Functions. The USB2 port number owned by an USB2 root hub in a Virtual Function may be less | ||
| CVE-2024-50074 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns the would-be-printed size, | ||
| CVE-2024-50073 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0 | ||
| CVE-2024-50072 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below #GP in 32-bit mode when dosemu software was executing vm86() system call: general protection fault: 0000 [#1] PREEMPT SMP CPU | ||
| CVE-2024-50071 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of freeing the allocated data on device removal, call to .dt_free_map = pinconf_g | ||
| CVE-2024-50070 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code rev | ||
| CVE-2024-50069 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code rev | ||
| CVE-2024-50068 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not freed in damon_sysfs_test_add_targets(), which cause the | ||
| CVE-2024-50067 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, array | ||
| CVE-2024-50066 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix move_normal_pmd/retract_page_tables race In mremap(), move_page_tables() looks at the type of the PMD entry and the specified address range to figure out by which method the next chunk of page ta | ||
| CVE-2024-50058 | Med | 5.5 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the com | |
| CVE-2024-50046 | Med | 5.5 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Acci | |
| CVE-2024-50045 | Med | 5.5 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb Fix a kernel panic in the br_netfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in br_nf_ | |
| CVE-2024-50044 | Low | 3.3 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it caus | |
| CVE-2024-50040 | Med | 5.5 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed igb_io_error_detected() to ignore non-fatal pcie errors in order to avoid hung ta | |
| CVE-2024-50039 | Med | 5.5 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. Unfortunately syzbot c | |
| CVE-2024-50035 | Hig | 7.1 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is called with a zero size. Then ppp_async_encode() is called with an empty skb. BUG | |
| CVE-2024-50033 | Hig | 7.1 | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against malicious packets [1]. slhc_remember() only checked the size of the packet was at l | |
| CVE-2024-50065 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ntfs3: Change to non-blocking allocation in ntfs_d_hash d_hash is done while under "rcu-walk" and should not sleep. __get_name() allocates using GFP_KERNEL, having the possibility to sleep when under memory pre | ||
| CVE-2024-50064 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams, otherwise we leak memory. [senozhatsky@chromium.org: kfree(NULL) is legal] |
- CVE-2024-50075Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are shared between all Virtual Functions. The USB2 port number owned by an USB2 root hub in a Virtual Function may be less
- CVE-2024-50074Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns the would-be-printed size,
- CVE-2024-50073Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0
- CVE-2024-50072Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below #GP in 32-bit mode when dosemu software was executing vm86() system call: general protection fault: 0000 [#1] PREEMPT SMP CPU
- CVE-2024-50071Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of freeing the allocated data on device removal, call to .dt_free_map = pinconf_g
- CVE-2024-50070Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code rev
- CVE-2024-50069Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code rev
- CVE-2024-50068Oct 29, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not freed in damon_sysfs_test_add_targets(), which cause the
- CVE-2024-50067Oct 28, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, array
- CVE-2024-50066Oct 23, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix move_normal_pmd/retract_page_tables race In mremap(), move_page_tables() looks at the type of the PMD entry and the specified address range to figure out by which method the next chunk of page ta
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the com
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Acci
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb Fix a kernel panic in the br_netfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in br_nf_
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it caus
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed igb_io_error_detected() to ignore non-fatal pcie errors in order to avoid hung ta
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. Unfortunately syzbot c
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is called with a zero size. Then ppp_async_encode() is called with an empty skb. BUG
- affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against malicious packets [1]. slhc_remember() only checked the size of the packet was at l
- CVE-2024-50065Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Change to non-blocking allocation in ntfs_d_hash d_hash is done while under "rcu-walk" and should not sleep. __get_name() allocates using GFP_KERNEL, having the possibility to sleep when under memory pre
- CVE-2024-50064Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams, otherwise we leak memory. [senozhatsky@chromium.org: kfree(NULL) is legal]
Page 20 of 35