VYPR

rpm package

opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed

Vulnerabilities (694)

  • CVE-2024-47728Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it coul

  • CVE-2024-47727Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio() function checks if the #VE exception occurred in the kernel and rejects the operation if it did not. Ho

  • CVE-2024-47726Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode.

  • CVE-2024-47724Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b ("wifi: ath11k: add P2P IE in beacon template") from Feb 28, 2024 (linux-next), leads to the following Smatch static checker warning:

  • CVE-2024-47721Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading The handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't implemented, but driver expects n

  • CVE-2024-47720Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn30_set_output_transfer_func function. Pr

  • CVE-2024-47719Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN() overflows which corrupts the selected

  • CVE-2024-47717Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data With the latest Linux-6.11-rc3, the below NULL pointer crash is observed when SBI PMU snapshot is enabled for the guest and the guest is forcefu

  • CVE-2024-47716Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FP

  • CVE-2024-47715Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915_band_config() sets band_idx = 1 on the main phy for mt7986 with MT7975_ONE_ADIE or MT7976_ONE_ADIE. Commit 0335c034e726 ("wifi: mt76: fix race condition r

  • CVE-2024-47714Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: use hweight16 to get correct tx antenna The chainmask is u16 so using hweight8 cannot get correct tx_ant. Without this patch, the tx_ant of band 2 would be -1 and lead to the following issue

  • CVE-2024-47712Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param In the `wilc_parse_join_bss_param` function, the TSF field of the `ies` structure is accessed after the RCU read-side critical se

  • CVE-2024-47711Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't return OOB skb in manage_oob(). syzbot reported use-after-free in unix_stream_recv_urg(). [0] The scenario is 1. send(MSG_OOB) 2. recv(MSG_OOB) -> The consumed OOB remains in recv queu

  • CVE-2024-47708Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: netkit: Assign missing bpf_net_context During the introduction of struct bpf_net_context handling for XDP-redirect, the netkit driver has been missed, which also requires it because NETKIT_REDIRECT invokes skb_

  • CVE-2024-47703Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes kernel panic. This happens because file system can not filter out the positive num

  • CVE-2024-47702Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/data_end/data_meta syzbot reported a kernel crash due to commit 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses"). The reason is due to s

  • CVE-2024-47700Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed when trying to remount. This can le

  • CVE-2024-47695Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds In the function init_conns(), after the create_con() and create_cm() for loop if something fails. In the cleanup for loop after the destroy tag, we acce

  • CVE-2024-47694Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5r_umr_resource_cleanup() to a new function mlx5r_umr_cleanup(). So the fix in commit [1] is br

  • CVE-2024-47693Oct 21, 2024
    affected < 6.12.11-1.1fixed 6.12.11-1.1

    In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ib_cache_setup_one error flow cleanup When ib_cache_update return an error, we exit ib_cache_setup_one instantly with no proper cleanup, even though before this we had already successfully done gid