VYPR

rpm package

opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed

Vulnerabilities (694)

  • CVE-2024-49937Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: 0 PID: 63 at cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]" caused by the chan

  • CVE-2024-49936Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvif_flush_hash() During the list_for_each_entry_rcu iteration call of xenvif_flush_hash, kfree_rcu does not exist inside the rcu read critical section, so if kfree_rcu is call

  • CVE-2024-49935Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_round_robin(), because when executing clear_bit(nr, addr) with nr set to 0xffffffff

  • CVE-2024-49934Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memory device, in which user is accessing the hugetlb. See calltrace as following: --

  • CVE-2024-49933Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() function: UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38 shift exponent 80 is

  • CVE-2024-49932Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT (e.g. due to preallocated

  • CVE-2024-49931Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath12k_dp_rx_process() functi

  • CVE-2024-49929Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is not NULL. It retrieves this pointer using iwl_mvm_sta_from_mac80211, which is der

  • CVE-2024-49928Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time before getting false from cond-expression, the original code copied one more entry si

  • CVE-2024-49927Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irq_pin_list (-1,0,20) Kernel panic - not syncing: IO-AP

  • CVE-2024-49926Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb() For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is defined as NR_CPUS instead of the number of possible cpus, this

  • CVE-2024-49923Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags [WHAT & HOW] "dcn20_validate_apply_pipe_split_flags" dereferences merge, and thus it cannot be a null pointer. Let's pass a valid pointer

  • CVE-2024-49922Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using them [WHAT & HOW] These pointers are null checked previously in the same function, indicating they might be null as reported by Coverity. As a result, they need

  • CVE-2024-49921Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before used [WHAT & HOW] Poniters, such as dc->clk_mgr, are null checked previously in the same function, so Coverity warns "implies that "dc->clk_mgr" might be null". As a

  • CVE-2024-49920Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before multiple uses [WHAT & HOW] Poniters, such as stream_enc and dc->bw_vbios, are null checked previously in the same function, so Coverity warns "implies that stream_enc

  • CVE-2024-49919Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer This commit addresses a potential null pointer dereference issue in the `dcn201_acquire_free_pipe_for_layer` function. The iss

  • CVE-2024-49918Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer This commit addresses a potential null pointer dereference issue in the `dcn32_acquire_idle_pipe_for_head_pipe_in_

  • CVE-2024-49917Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw This commit addresses a potential null pointer dereference issue in the `dcn30_init_hw` function. The issue could occur when `dc->

  • CVE-2024-49916Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw This commit addresses a potential null pointer dereference issue in the `dcn401_init_hw` function. The issue could occur when `dc

  • CVE-2024-49915Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw This commit addresses a potential null pointer dereference issue in the `dcn32_init_hw` function. The issue could occur when `dc->clk_mgr` is null.

Page 27 of 35