rpm package
opensuse/kernel-source-longterm&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kernel-source-longterm&distro=openSUSE%20Tumbleweed
Vulnerabilities (694)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-47691 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() syzbot reports a f2fs bug as below: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 print_report+0xe8/0x5 | ||
| CVE-2024-47690 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x5 | ||
| CVE-2024-47689 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() syzbot reports a f2fs bug as below: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcu_sync_dtor+0xcd/0x1 | ||
| CVE-2024-47688 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in module_add_driver() Inject fault while probing of-fpga-region, if kasprintf() fails in module_add_driver(), the second sysfs_remove_link() in exit path will cause | ||
| CVE-2024-47687 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in ml | ||
| CVE-2024-47686 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors and ARRAY_SIZE(adc_diviso | ||
| CVE-2024-47683 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 | ||
| CVE-2024-47682 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bound | ||
| CVE-2024-47681 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 driver. Found by code review. | ||
| CVE-2024-47680 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bde | ||
| CVE-2024-47679 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i | ||
| CVE-2024-47678 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destinatio | ||
| CVE-2024-47677 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates mor | ||
| CVE-2024-47676 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before h | ||
| CVE-2024-47675 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_un | ||
| CVE-2024-47671 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Oct 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields. | ||
| CVE-2024-46869 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Sep 30, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data. | ||
| CVE-2024-26865 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and another ref tracker warning [1]. syzkaller could not find a repro | ||
| CVE-2024-26862 | — | < 6.12.11-1.1 | 6.12.11-1.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: | ||
| CVE-2023-28746 | Med | 6.5 | < 6.12.11-1.1 | 6.12.11-1.1 | Mar 14, 2024 | Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
- CVE-2024-47691Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() syzbot reports a f2fs bug as below: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 print_report+0xe8/0x5
- CVE-2024-47690Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x5
- CVE-2024-47689Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() syzbot reports a f2fs bug as below: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcu_sync_dtor+0xcd/0x1
- CVE-2024-47688Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in module_add_driver() Inject fault while probing of-fpga-region, if kasprintf() fails in module_add_driver(), the second sysfs_remove_link() in exit path will cause
- CVE-2024-47687Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in ml
- CVE-2024-47686Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors and ARRAY_SIZE(adc_diviso
- CVE-2024-47683Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0
- CVE-2024-47682Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bound
- CVE-2024-47681Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 driver. Found by code review.
- CVE-2024-47680Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bde
- CVE-2024-47679Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i
- CVE-2024-47678Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destinatio
- CVE-2024-47677Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates mor
- CVE-2024-47676Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before h
- CVE-2024-47675Oct 21, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_un
- CVE-2024-47671Oct 9, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields.
- CVE-2024-46869Sep 30, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data.
- CVE-2024-26865Apr 17, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). syzkaller reported a warning of netns tracker [0] followed by KASAN splat [1] and another ref tracker warning [1]. syzkaller could not find a repro
- CVE-2024-26862Apr 17, 2024affected < 6.12.11-1.1fixed 6.12.11-1.1
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported:
- affected < 6.12.11-1.1fixed 6.12.11-1.1
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Page 34 of 35