VYPR

rpm package

opensuse/kernel-zfcpdump&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5

Vulnerabilities (1,895)

  • CVE-2024-26675Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K syzbot triggered a warning [1] in __alloc_pages(): WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp) Willem fixed a similar issue in commit c0a2a1b0d631 ("ppp: limit MRU to 64K") Adop

  • CVE-2023-52636Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes a

  • CVE-2024-26673Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a

  • CVE-2024-26671Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_

  • CVE-2023-52635Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from

  • CVE-2023-52632Apr 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted ----------------

  • CVE-2024-26670Apr 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory acc

  • CVE-2024-26669Apr 2, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the '

  • CVE-2024-26668Apr 2, 2024
    affected < 5.14.21-150500.55.80.2fixed 5.14.21-150500.55.80.2

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be

  • CVE-2024-26667Apr 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch warning about another co

  • CVE-2024-26665Apr 2, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of

  • CVE-2024-26664Apr 2, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package.

  • CVE-2024-26663Apr 2, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010:

  • CVE-2024-26661Apr 2, 2024
    affected < 5.14.21-150500.55.73.1fixed 5.14.21-150500.55.73.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg

  • CVE-2024-26660Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, correspon

  • CVE-2024-26656Apr 2, 2024
    affected < 5.14.21-150500.55.62.2fixed 5.14.21-150500.55.62.2

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo J

  • CVE-2024-26654Apr 1, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastcard->timer. When the snd_pcm_substream is

  • CVE-2023-52628Mar 28, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c

  • CVE-2024-26651MedMar 27, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error.

  • CVE-2024-26646Mar 26, 2024
    affected < 5.14.21-150500.55.59.1fixed 5.14.21-150500.55.59.1

    In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during

Page 75 of 95