rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-56774 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the | ||
| CVE-2024-56770 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Jan 8, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of | ||
| CVE-2024-56769 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b | ||
| CVE-2024-56767 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the | ||
| CVE-2024-56766 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double f | ||
| CVE-2024-56765 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the past | ||
| CVE-2024-56763 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it. | ||
| CVE-2024-56760 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pc | ||
| CVE-2024-56759 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled | ||
| CVE-2024-56758 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Jan 6, 2025 | In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we unlock the folio. The result of that is that a different thread can modify the mappi | ||
| CVE-2024-56727 | Med | 5.5 | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | |
| CVE-2024-56756 | — | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the l | ||
| CVE-2024-56755 | — | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situa | ||
| CVE-2024-56754 | — | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct | ||
| CVE-2024-56752 | — | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() When the call to gf100_grctx_generate() fails, unlock gr->fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/n | ||
| CVE-2024-56751 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6 ref_ | ||
| CVE-2024-56748 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This i | ||
| CVE-2024-56747 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This | ||
| CVE-2024-56746 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent | ||
| CVE-2024-56745 | — | < 6.4.0-150600.23.38.1 | 6.4.0-150600.23.38.1 | Dec 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces: while ((name |
- CVE-2024-56774Jan 8, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the
- CVE-2024-56770Jan 8, 2025affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of
- CVE-2024-56769Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read b
- CVE-2024-56767Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the
- CVE-2024-56766Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double f
- CVE-2024-56765Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the past
- CVE-2024-56763Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.
- CVE-2024-56760Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pc
- CVE-2024-56759Jan 6, 2025affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled
- CVE-2024-56758Jan 6, 2025affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we unlock the folio. The result of that is that a different thread can modify the mappi
- affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp().
- CVE-2024-56756Dec 29, 2024affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the l
- CVE-2024-56755Dec 29, 2024affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situa
- CVE-2024-56754Dec 29, 2024affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct
- CVE-2024-56752Dec 29, 2024affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() When the call to gf100_grctx_generate() fails, unlock gr->fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/n
- CVE-2024-56751Dec 29, 2024affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6 ref_
- CVE-2024-56748Dec 29, 2024affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This i
- CVE-2024-56747Dec 29, 2024affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This
- CVE-2024-56746Dec 29, 2024affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent
- CVE-2024-56745Dec 29, 2024affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces: while ((name
Page 102 of 209