rpm package
suse/kernel-azure&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP7
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7
Vulnerabilities (2,372)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26944 | — | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe | ||
| CVE-2024-26831 | — | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req | ||
| CVE-2024-26762 | — | < 6.4.0-150700.20.6.1 | 6.4.0-150700.20.6.1 | Apr 3, 2024 | In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from | ||
| CVE-2024-26661 | — | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg | ||
| CVE-2024-26584 | — | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Feb 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES | ||
| CVE-2023-39197 | Med | 4.0 | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Jan 23, 2024 | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | |
| CVE-2023-5633 | Hig | 7.8 | < 6.4.0-150700.20.15.2 | 6.4.0-150700.20.15.2 | Oct 23, 2023 | The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp | |
| CVE-2023-42752 | Med | 5.5 | < 6.4.0-150700.20.24.1 | 6.4.0-150700.20.24.1 | Oct 13, 2023 | An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers. | |
| CVE-2023-42753 | Hig | 7.0 | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Sep 25, 2023 | An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss | |
| CVE-2023-3772 | Med | 5.5 | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Jul 25, 2023 | A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s | |
| CVE-2023-31248 | Hig | 7.8 | < 6.4.0-150700.20.18.1 | 6.4.0-150700.20.18.1 | Jul 5, 2023 | Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace | |
| CVE-2019-11135 | Med | 6.5 | < 6.4.0-150700.20.11.1 | 6.4.0-150700.20.11.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. |
- CVE-2024-26944May 1, 2024affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after-free in do_zone_finish() Shinichiro reported the following use-after-free triggered by the device replace operation in fstests btrfs/070. BTRFS info (device nullb1): scrub: finishe
- CVE-2024-26831Apr 17, 2024affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req
- CVE-2024-26762Apr 3, 2024affected < 6.4.0-150700.20.6.1fixed 6.4.0-150700.20.6.1
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to link reset to recover from
- CVE-2024-26661Apr 2, 2024affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg
- CVE-2024-26584Feb 21, 2024affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRES
- affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.
- affected < 6.4.0-150700.20.15.2fixed 6.4.0-150700.20.15.2
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp
- affected < 6.4.0-150700.20.24.1fixed 6.4.0-150700.20.24.1
An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.
- affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This iss
- affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of s
- affected < 6.4.0-150700.20.18.1fixed 6.4.0-150700.20.18.1
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
- affected < 6.4.0-150700.20.11.1fixed 6.4.0-150700.20.11.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Page 119 of 119