rpm package

suse/kernel-64kb&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7

pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7

Vulnerabilities (2,262)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-41085		—	< 6.4.0-150700.53.6.1	6.4.0-150700.53.6.1	Jul 29, 2024	In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxl_nvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereferenc
CVE-2024-41005	Med	4.7	< 6.4.0-150700.53.3.1	6.4.0-150700.53.3.1	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by in
CVE-2024-39298		—	< 6.4.0-150700.53.11.1	6.4.0-150700.53.11.1	Jun 25, 2024	In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:
CVE-2024-38606		—	< 6.4.0-150700.53.3.1	6.4.0-150700.53.3.1	Jun 19, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig
CVE-2024-36028		—	< 6.4.0-150700.53.11.1	6.4.0-150700.53.11.1	May 30, 2024	In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lock
CVE-2024-35910	Med	5.8	< 6.4.0-150700.53.3.1	6.4.0-150700.53.3.1	May 19, 2024	In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o
CVE-2024-35840		—	< 6.4.0-150700.53.3.1	6.4.0-150700.53.3.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp
CVE-2024-27415		—	< 6.4.0-150700.53.3.1	6.4.0-150700.53.3.1	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)
CVE-2024-27018		—	< 6.4.0-150700.53.3.1	6.4.0-150700.53.3.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This pa
CVE-2024-27005		—	< 6.4.0-150700.53.31.1	6.4.0-150700.53.31.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately prote
CVE-2024-26944		—	< 6.4.0-150700.53.28.1	6.4.0-150700.53.28.1	May 1, 2024	In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe
CVE-2024-26831		—	< 6.4.0-150700.53.6.1	6.4.0-150700.53.6.1	Apr 17, 2024	In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req
CVE-2024-26762		—	< 6.4.0-150700.53.6.1	6.4.0-150700.53.6.1	Apr 3, 2024	In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from
CVE-2024-26661		—	< 6.4.0-150700.53.16.1	6.4.0-150700.53.16.1	Apr 2, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
CVE-2024-26584		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Feb 21, 2024	In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
CVE-2023-39197		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Jan 23, 2024	An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
CVE-2023-5633		—	< 6.4.0-150700.53.19.1	6.4.0-150700.53.19.1	Oct 23, 2023	The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp
CVE-2023-42752		—	< 6.4.0-150700.53.28.1	6.4.0-150700.53.28.1	Oct 13, 2023	An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.
CVE-2023-42753		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Sep 25, 2023	An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
CVE-2023-3772		—	< 6.4.0-150700.53.22.1	6.4.0-150700.53.22.1	Jul 25, 2023	A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s

CVE-2024-41085Jul 29, 2024
affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxl_nvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereferenc
CVE-2024-41005MedJul 12, 2024
affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by in
CVE-2024-39298Jun 25, 2024
affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:
CVE-2024-38606Jun 19, 2024
affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig
CVE-2024-36028May 30, 2024
affected < 6.4.0-150700.53.11.1fixed 6.4.0-150700.53.11.1
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lock
CVE-2024-35910MedMay 19, 2024
affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o
CVE-2024-35840May 17, 2024
affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp
CVE-2024-27415May 17, 2024
affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)
CVE-2024-27018May 1, 2024
affected < 6.4.0-150700.53.3.1fixed 6.4.0-150700.53.3.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This pa
CVE-2024-27005May 1, 2024
affected < 6.4.0-150700.53.31.1fixed 6.4.0-150700.53.31.1
In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately prote
CVE-2024-26944May 1, 2024
affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe
CVE-2024-26831Apr 17, 2024
affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req
CVE-2024-26762Apr 3, 2024
affected < 6.4.0-150700.53.6.1fixed 6.4.0-150700.53.6.1
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from
CVE-2024-26661Apr 2, 2024
affected < 6.4.0-150700.53.16.1fixed 6.4.0-150700.53.16.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
CVE-2024-26584Feb 21, 2024
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
CVE-2023-39197Jan 23, 2024
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
CVE-2023-5633Oct 23, 2023
affected < 6.4.0-150700.53.19.1fixed 6.4.0-150700.53.19.1
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp
CVE-2023-42752Oct 13, 2023
affected < 6.4.0-150700.53.28.1fixed 6.4.0-150700.53.28.1
An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.
CVE-2023-42753Sep 25, 2023
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
CVE-2023-3772Jul 25, 2023
affected < 6.4.0-150700.53.22.1fixed 6.4.0-150700.53.22.1
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s

Page 113 of 114