VYPR

rpm package

suse/kernel-coco&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6

pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6

Vulnerabilities (2,052)

  • CVE-2024-46761Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel crash when we try to hot-unplug/disable the PCIe switch/bridge from the PHB. The

  • CVE-2024-46760Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's possible to hit NULL pointer dereference in rtw_rx_fill_rx_status on hw object and/or its fields because initialization routine can s

  • CVE-2024-46755Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if the priv is actually cur

  • CVE-2024-46754Sep 18, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau

  • CVE-2024-46753Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref() properly In walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref(). This is incorrect, we have proper error handling here, return the error.

  • CVE-2024-46752Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() Instead of a BUG_ON() just return an error, log an error message and abort the transaction in case we find an extent buffer belonging to the r

  • CVE-2024-46751Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Instead of doing a BUG_ON() handle the error by returning -EUCLEAN, aborting the transaction and logging an error message.

  • CVE-2024-46749Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() This adds a check before freeing the rx->skb in flush and close functions to handle the kernel crash seen while removing driver after FW d

  • CVE-2024-46747Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup report_fixup for the Cougar 500k Gaming Keyboard was not verifying that the report descriptor size was correct before accessing it

  • CVE-2024-46741Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix double free of 'buf' in error path smatch warning: drivers/misc/fastrpc.c:1926 fastrpc_req_mmap() error: double free of 'buf' In fastrpc_req_mmap() error path, the fastrpc buffer is freed in

  • CVE-2024-46739Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind For primary VM Bus channels, primary_channel pointer is always NULL. This pointer is valid only for the secondary channels. Also, rescind ca

  • CVE-2024-46738Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the resource handle by compar

  • CVE-2024-46737Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds() the kernel crashes in nvmet_tcp_release_queue_work() because of a NULL pointer dereference.

  • CVE-2024-46736Sep 18, 2024
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as the reference of @cfile

  • CVE-2024-46735Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() When two UBLK_CMD_START_USER_RECOVERY commands are submitted, the first one sets 'ubq->ubq_daemon' to NULL, and the second one triggers WARN

  • CVE-2024-46734Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we hav

  • CVE-2024-46733Sep 18, 2024
    affected < 6.4.0-15061.32.coco15sp6.1fixed 6.4.0-15061.32.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cow_file_range In the buffered write path, the dirty page owns the qgroup reserve until it creates an ordered_extent. Therefore, any errors that occur before the ordered_exte

  • CVE-2024-46732Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments

  • CVE-2024-46731Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0.

  • CVE-2024-46730Sep 18, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tg_inst won't be -1 [WHY & HOW] tg_inst will be a negative if timing_generator_count equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by C

Page 93 of 103