rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP5
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
Vulnerabilities (2,432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26814 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The | ||
| CVE-2024-26813 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo | ||
| CVE-2024-26808 | — | < 5.14.21-150500.33.66.1 | 5.14.21-150500.33.66.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic | ||
| CVE-2024-26787 | Med | 5.5 | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST, overlapping mappings | |
| CVE-2024-26807 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c | ||
| CVE-2024-26805 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar | ||
| CVE-2024-26804 | — | < 5.14.21-150500.33.69.1 | 5.14.21-150500.33.69.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr | ||
| CVE-2024-26802 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does | ||
| CVE-2024-26801 | — | < 5.14.21-150500.33.57.1 | 5.14.21-150500.33.57.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism would free the hci_dev an | ||
| CVE-2024-26800 | — | < 5.14.21-150500.33.63.1 | 5.14.21-150500.33.63.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed. | ||
| CVE-2024-26798 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038d70 (fbdev: fbcon: Properly revert changes when vc_resize() failed) started restoring old font data upon failure (of vc_resize()). | ||
| CVE-2024-26793 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h | ||
| CVE-2024-26792 | — | < 5.14.21-150500.33.51.1 | 5.14.21-150500.33.51.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second | ||
| CVE-2024-26791 | — | < 5.14.21-150500.33.51.1 | 5.14.21-150500.33.51.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou | ||
| CVE-2024-26790 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte unaligned read transactions by QDMA. Unaligned read transactions initiated by QDMA m | ||
| CVE-2024-26788 | — | < 5.14.21-150500.33.57.1 | 5.14.21-150500.33.57.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: init irq after reg initialization Initialize the qDMA irqs after the registers are configured so that interrupts that may have been pending from a primary kernel don't get processed by the | ||
| CVE-2024-26783 | — | < 5.14.21-150500.33.51.1 | 5.14.21-150500.33.51.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the followi | ||
| CVE-2024-26782 | — | < 5.14.21-150500.33.75.1 | 5.14.21-150500.33.75.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin | ||
| CVE-2024-26745 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user pag | ||
| CVE-2024-26779 | — | < 5.14.21-150500.33.48.1 | 5.14.21-150500.33.48.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the driver, otherwise it could end up passing the not-yet-uploaded sta via drv_tx calls |
- CVE-2024-26814Apr 5, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The
- CVE-2024-26813Apr 5, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allo
- CVE-2024-26808Apr 4, 2024affected < 5.14.21-150500.33.66.1fixed 5.14.21-150500.33.66.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic
- affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST, overlapping mappings
- CVE-2024-26807Apr 4, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously c
- CVE-2024-26805Apr 4, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported the following uninit-value access issue [1]: netlink_to_full_skb() creates a new `skb` and puts the `skb->data` passed as a 1st ar
- CVE-2024-26804Apr 4, 2024affected < 5.14.21-150500.33.69.1fixed 5.14.21-150500.33.69.1
In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr
- CVE-2024-26802Apr 4, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function destroy_workqueue() does
- CVE-2024-26801Apr 4, 2024affected < 5.14.21-150500.33.57.1fixed 5.14.21-150500.33.57.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism would free the hci_dev an
- CVE-2024-26800Apr 4, 2024affected < 5.14.21-150500.33.63.1fixed 5.14.21-150500.33.63.1
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed.
- CVE-2024-26798Apr 4, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038d70 (fbdev: fbcon: Properly revert changes when vc_resize() failed) started restoring old font data upon failure (of vc_resize()).
- CVE-2024-26793Apr 4, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The gtp_link_ops operations structure for the subsystem must be registered after registering the gtp_net_ops pernet operations structure. Syzkaller h
- CVE-2024-26792Apr 4, 2024affected < 5.14.21-150500.33.51.1fixed 5.14.21-150500.33.51.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of anonymous device after snapshot creation failure When creating a snapshot we may do a double free of an anonymous device in case there's an error committing the transaction. The second
- CVE-2024-26791Apr 4, 2024affected < 5.14.21-150500.33.51.1fixed 5.14.21-150500.33.51.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bou
- CVE-2024-26790Apr 4, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte unaligned read transactions by QDMA. Unaligned read transactions initiated by QDMA m
- CVE-2024-26788Apr 4, 2024affected < 5.14.21-150500.33.57.1fixed 5.14.21-150500.33.57.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: init irq after reg initialization Initialize the qDMA irqs after the registers are configured so that interrupts that may have been pending from a primary kernel don't get processed by the
- CVE-2024-26783Apr 4, 2024affected < 5.14.21-150500.33.51.1fixed 5.14.21-150500.33.51.1
In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the followi
- CVE-2024-26782Apr 4, 2024affected < 5.14.21-150500.33.75.1fixed 5.14.21-150500.33.75.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin
- CVE-2024-26745Apr 4, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics due to NULL pointer exception: Kernel attempted to read user pag
- CVE-2024-26779Apr 3, 2024affected < 5.14.21-150500.33.48.1fixed 5.14.21-150500.33.48.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix race condition on enabling fast-xmit fast-xmit must only be enabled after the sta has been uploaded to the driver, otherwise it could end up passing the not-yet-uploaded sta via drv_tx calls
Page 98 of 122