VYPR

rpm package

opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed

Vulnerabilities (694)

  • CVE-2024-49887Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault injection syzbot reports a f2fs bug as below: F2FS-fs (loop0): inject no free segm

  • CVE-2024-49886Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds". kasan report: [ 19.411889] =============================================

  • CVE-2024-49885Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc space than requested"), setting orig_size treats the wasted space (object_size - orig

  • CVE-2024-49881Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path to NULL. But after reallocating and successfully initializing the path, we don't

  • CVE-2024-49880Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ================================================================== EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks -------

  • CVE-2024-49879Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for alloc_ordered_workqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of alloc_ordered_workqueue.

  • CVE-2024-49878Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) related to CXL memory may look like something as follows. 490000000-50fffffff : CXL

  • CVE-2024-49877Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if b

  • CVE-2024-49876Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix UAF around queue destruction We currently do stuff like queuing the final destruction step on a random system wq, which will outlive the driver instance. With bad timing we can teardown the driver w

  • CVE-2024-49875Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, resulting in the following WARNING. Fix it by mapping EBADMSG to nfserr_io. nfsd

  • CVE-2024-49874Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition In the svc_i3c_master_probe function, &master->hj_work is bound with svc_i3c_master_hj_work, &master->ibi_work i

  • CVE-2024-49873Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemap_get_folios_contig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfd_pin_folios with hugetlb pages and THP. The hugetlb bugs only bite wh

  • CVE-2024-49872Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfd_pin_folios alloc race panic If memfd_pin_folios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfd_alloc_folio(memfd,

  • CVE-2024-49871Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: Input: adp5589-keys - fix NULL pointer dereference We register a devm action to call adp5589_clear_config() and then pass the i2c client as argument so that we can call i2c_get_clientdata() in order to get our

  • CVE-2024-49870Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2 -----------------------------------

  • CVE-2024-49869Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: send: fix buffer overflow detection when copying path to cache entry Starting with commit c0247d289e73 ("btrfs: send: annotate struct name_cache_entry with __counted_by()") we annotated the variable leng

  • CVE-2024-49868Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion [BUG] Syzbot reported a NULL pointer dereference with the following crash: FAULT_INJECTION: forcing a failure. start_transactio

  • CVE-2024-49867Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the k

  • CVE-2024-49866Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ``` ODEBUG: init active (active s

  • CVE-2024-49865Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xa_alloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Mo

Page 29 of 35