VYPR

rpm package

suse/kernel-coco_debug&distro=SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6

pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6

Vulnerabilities (2,052)

  • CVE-2024-35840May 17, 2024
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mp

  • CVE-2024-35839May 17, 2024
    affected < 6.4.0-15061.12.coco15sp6.1fixed 6.4.0-15061.12.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for an arp reply. Where original skb's skb->dev can be different to neigh's neigh->de

  • CVE-2024-35826May 17, 2024
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: block: Fix page refcounts for unaligned buffers in __bio_release_pages() Fix an incorrect number of pages being released for buffers that do not start at the beginning of a page.

  • CVE-2024-27415May 17, 2024
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast)

  • CVE-2024-27407May 17, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr()

  • CVE-2024-27397HigMay 14, 2024
    affected < 6.4.0-15061.12.coco15sp6.1fixed 6.4.0-15061.12.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate

  • CVE-2024-27043May 1, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio

  • CVE-2024-27026May 1, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix missing reserved tailroom Use rbi->len instead of rcd->len for non-dataring packet. Found issue: XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom WARNING:

  • CVE-2024-27018May 1, 2024
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This pa

  • CVE-2024-27017May 1, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view

  • CVE-2024-26953May 1, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool When the skb is reorganized during esp_output (!esp->inline), the pages coming from the original skb fragments are supposed to be released back to the system t

  • CVE-2024-26943May 1, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: handle kcalloc() allocation failure The kcalloc() in nouveau_dmem_evict_chunk() will return null if the physical memory has run out. As a result, if we dereference src_pfns, dst_pfns or dma_addrs,

  • CVE-2024-26924Apr 24, 2024
    affected < 6.4.0-15061.12.coco15sp6.1fixed 6.4.0-15061.12.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... ad

  • CVE-2024-26873Apr 17, 2024
    affected < 6.4.0-15061.21.coco15sp6.1fixed 6.4.0-15061.21.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be

  • CVE-2024-26864Apr 17, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: tcp: Fix refcnt handling in __inet_hash_connect(). syzbot reported a warning in sk_nulls_del_node_init_rcu(). The commit 66b60b0c8c4a ("dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalbli

  • CVE-2024-26831Apr 17, 2024
    affected < 6.4.0-15061.28.coco15sp6.1fixed 6.4.0-15061.28.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == 0000000000000000 req

  • CVE-2024-26810MedApr 5, 2024
    affected < 6.4.0-15061.18.coco15sp6.1fixed 6.4.0-15061.18.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core in

  • CVE-2024-26804Apr 4, 2024
    affected < 6.4.0-15061.6.coco15sp6.1fixed 6.4.0-15061.6.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr

  • CVE-2024-26782Apr 4, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the origin

  • CVE-2024-26767Apr 3, 2024
    affected < 6.4.0-15061.9.coco15sp6.1fixed 6.4.0-15061.9.coco15sp6.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check

Page 102 of 103