rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26669 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the ' | ||
| CVE-2024-26668 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be | ||
| CVE-2024-26667 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch warning about another co | ||
| CVE-2024-26665 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of | ||
| CVE-2024-26664 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package. | ||
| CVE-2024-26663 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010: | ||
| CVE-2024-26661 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg | ||
| CVE-2024-26660 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, correspon | ||
| CVE-2024-26656 | — | < 5.14.21-150500.33.51.1 | 5.14.21-150500.33.51.1 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo J | ||
| CVE-2024-26654 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastcard->timer. When the snd_pcm_substream is | ||
| CVE-2023-52628 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c | ||
| CVE-2024-26651 | Med | 5.5 | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error. | |
| CVE-2024-26646 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during | ||
| CVE-2023-52627 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user spac | ||
| CVE-2023-52623 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspic | ||
| CVE-2023-52622 | — | < 5.14.21-150500.33.60.1 | 5.14.21-150500.33.60.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir re | ||
| CVE-2023-52621 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock asserti | ||
| CVE-2024-26645 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about dup | ||
| CVE-2024-26644 | — | < 5.14.21-150500.33.60.1 | 5.14.21-150500.33.60.1 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction a | ||
| CVE-2024-26643 | Med | 5.5 | < 5.14.21-150500.33.57.1 | 5.14.21-150500.33.57.1 | Mar 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it |
- CVE-2024-26669Apr 2, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the '
- CVE-2024-26668Apr 2, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be
- CVE-2024-26667Apr 2, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch warning about another co
- CVE-2024-26665Apr 2, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of
- CVE-2024-26664Apr 2, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package.
- CVE-2024-26663Apr 2, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010:
- CVE-2024-26661Apr 2, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
- CVE-2024-26660Apr 2, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, correspon
- CVE-2024-26656Apr 2, 2024affected < 5.14.21-150500.33.51.1fixed 5.14.21-150500.33.51.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpu_gem_userptr_ioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo J
- CVE-2024-26654Apr 1, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastcard->timer. When the snd_pcm_substream is
- CVE-2023-52628Mar 28, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to c
- affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error.
- CVE-2024-26646Mar 26, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during
- CVE-2023-52627Mar 26, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user spac
- CVE-2023-52623Mar 26, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspic
- CVE-2023-52622Mar 26, 2024affected < 5.14.21-150500.33.60.1fixed 5.14.21-150500.33.60.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir re
- CVE-2023-52621Mar 26, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock asserti
- CVE-2024-26645Mar 26, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about dup
- CVE-2024-26644Mar 26, 2024affected < 5.14.21-150500.33.60.1fixed 5.14.21-150500.33.60.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction a
- affected < 5.14.21-150500.33.57.1fixed 5.14.21-150500.33.57.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it
Page 102 of 122