VYPR

rpm package

suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7

pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Vulnerabilities (2,269)

  • CVE-2024-46713Sep 13, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment th

  • CVE-2024-44963Sep 4, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON() when freeing tree block after error When freeing a tree block, at btrfs_free_tree_block(), if we fail to create a delayed reference we don't deal with the error and just do a BUG_ON(). Th

  • CVE-2024-43869Aug 21, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially

  • CVE-2024-43820Aug 17, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DM_RECOVERY_RUNNING is set: WARNING:

  • CVE-2024-42134Jul 30, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Check if is_avq is NULL [bug] In the virtio_pci_common.c function vp_del_vqs, vp_dev->is_avq is involved to determine whether it is admin virtqueue, but this function vp_dev->is_avq may be empty. F

  • CVE-2024-42103Jul 30, 2024
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying in btrfs_reclaim_bgs_work and adding to the unused list. Since the block

  • CVE-2023-52888Jul 30, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Only free buffer VA that is not NULL In the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly called only when the buffer to free exists, there are some instances that didn'

  • CVE-2024-41085Jul 29, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxl_nvd during pmem region auto-assembling When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace. BUG: kernel NULL pointer dereferenc

  • CVE-2024-41005MedJul 12, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by in

  • CVE-2024-39298Jun 25, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:

  • CVE-2024-38606Jun 19, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT device by sending the ICP_QAT_FW_TL_START message to the firmware. This trig

  • CVE-2024-36028May 30, 2024
    affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lock

  • CVE-2024-35910MedMay 19, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more o

  • CVE-2024-35840May 17, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp

  • CVE-2024-27415May 17, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)

  • CVE-2024-27018May 1, 2024
    affected < 6.4.0-150700.20.3.1fixed 6.4.0-150700.20.3.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This pa

  • CVE-2024-27005May 1, 2024
    affected < 6.4.0-150700.20.27.1fixed 6.4.0-150700.20.27.1

    In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access req_list while it's being manipulated The icc_lock mutex was split into separate icc_lock and icc_bw_lock mutexes in [1] to avoid lockdep splats. However, this didn't adequately prote

  • CVE-2024-26944May 1, 2024
    affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe

  • CVE-2024-26831Apr 17, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req

  • CVE-2024-26762Apr 3, 2024
    affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1

    In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from

Page 113 of 114