rpm package
suse/kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Vulnerabilities (1,350)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48805 | Hig | 7.8 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup ax88179_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The m | |
| CVE-2022-48802 | Med | 5.5 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/proc: task_mmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 4392 | |
| CVE-2022-48798 | Med | 5.5 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/cio: verify the driver availability for path_event call If no driver is attached to a device or the driver does not provide the path_event function, an FCES path-event on this device could end up in a kern | |
| CVE-2022-48792 | Hig | 7.8 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_ | |
| CVE-2022-48791 | Hig | 7.8 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). The abort occurs due to ti | |
| CVE-2022-48790 | Hig | 7.0 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condit | |
| CVE-2022-48789 | Hig | 7.8 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in ord | |
| CVE-2022-48788 | Hig | 7.8 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in o | |
| CVE-2022-48787 | Hig | 7.8 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which the | |
| CVE-2022-48778 | Hig | 7.8 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped. | |
| CVE-2022-48775 | Med | 5.5 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 16, 2024 | In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko | |
| CVE-2023-52885 | Hig | 7.8 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Jul 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis | |
| CVE-2024-40956 | Hig | 7.8 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed | |
| CVE-2024-40937 | Med | 5.5 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags | |
| CVE-2024-40910 | Med | 5.5 | < 5.3.18-150300.59.174.1 | 5.3.18-150300.59.174.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep | |
| CVE-2024-39494 | Hig | 7.8 | < 5.3.18-150300.59.170.1 | 5.3.18-150300.59.170.1 | Jul 12, 2024 | In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren | |
| CVE-2023-52340 | Hig | 7.5 | < 5.3.18-150300.59.153.2 | 5.3.18-150300.59.153.2 | Jul 5, 2024 | The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket. | |
| CVE-2022-48771 | Hig | 7.8 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables use | |
| CVE-2022-48768 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better | |
| CVE-2022-48767 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked. Ensure we put it. |
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup ax88179_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The m
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: fs/proc: task_mmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 4392
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: s390/cio: verify the driver availability for path_event call If no driver is attached to a device or the driver does not provide the path_event function, an FCES path-event on this device could end up in a kern
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently a use-after-free may occur if a sas_task is aborted by the upper layer before we handle the I/O completion in mpi_ssp_completion() or mpi_
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). The abort occurs due to ti
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrl readiness for AER submission. This may lead to a use-after-free condit
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport error_recovery work While nvme_tcp_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in ord
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in o
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of the firmware files failed to parse), we end up unbinding by calling device_release_driver(), which calls remove(), which the
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must be dropped.
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, ko
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed lis
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Use list_for_each_entry_safe() to allow iterating through the list and deleting the entry in the iteration process. The descriptor is freed
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). This can result in a subsequent call to napi_get_frags
- affected < 5.3.18-150300.59.174.1fixed 5.3.18-150300.59.174.1
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix refcount imbalance on inbound connections When releasing a socket in ax25_release(), we call netdev_put() to decrease the refcount on the associated ax.25 device. However, the execution path for accep
- affected < 5.3.18-150300.59.170.1fixed 5.3.18-150300.59.170.1
In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it (->d_lock on dentry, ->d_lock on its paren
- affected < 5.3.18-150300.59.153.2fixed 5.3.18-150300.59.153.2
The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fence_rep object will lead to a stale entry in the file descriptor table as put_unused_fd() won't release it. This enables use
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated by kstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked. Ensure we put it.
Page 31 of 68