VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6

Vulnerabilities (4,170)

  • CVE-2024-56595Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree When the value of lp is 0 at the beginning of the for loop, it will become negative in the next assignment and we should bail out.

  • CVE-2024-56594Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: set the right AMDGPU sg segment limitation The driver needs to set the correct max_segment_size; otherwise debug_dma_map_sg() will complain about the over-mapping of the AMDGPU sg length as followin

  • CVE-2024-56593Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sd_sgentry_align' value applies (e.g. 512

  • CVE-2024-56592Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Call free_htab_elem() after htab_unlock_bucket() For htab of maps, when the map is removed from the htab, it may hold the last reference of the map. bpf_map_fd_put_ptr() will invoke bpf_map_free_id() to fr

  • CVE-2024-56590Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past

  • CVE-2024-56589Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Add cond_resched() for no forced preemption model For no forced preemption model kernel, in the scenario where the expander is connected to 12 high performance SAS SSDs, the following call trace

  • CVE-2024-56588Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Create all dump files during debugfs initialization For the current debugfs of hisi_sas, after user triggers dump, the driver allocate memory space to save the register information and create de

  • CVE-2024-56587Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: leds: class: Protect brightness_show() with led_cdev->led_access mutex There is NULL pointer issue observed if from Process A where hid device being added which results in adding a led_cdev addition and later a

  • CVE-2024-56582Dec 27, 2024
    affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device:

  • CVE-2024-56579Dec 27, 2024
    affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2

    In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led to

  • CVE-2024-56578Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led t

  • CVE-2024-56577Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtk_jpeg_core.c since commit 09aea13ecf6f ("media: mtk-jpeg: refactor some variables"), otherwise the below calltrac

  • CVE-2024-56576Dec 27, 2024
    affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1

    In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called

  • CVE-2024-56575Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend asynchronously, dev_pm_domain_detach() requires the caller to ensure proper synchroniz

  • CVE-2024-56574Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: media: ts2020: fix null-ptr-deref in ts2020_probe() KASAN reported a null-ptr-deref issue when executing the following command: # echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device KASAN: null-ptr-

  • CVE-2024-56573Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdline_ptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation tha

  • CVE-2024-56572Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() The buffer in the loop should be released under the exception path, otherwise there may be a memory leak here. To mitigate

  • CVE-2024-56570Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such

  • CVE-2024-56569Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo "write*:mod:ext3" > /sys/kernel/tracing/stack_trace_filter The current mod command causes a nu

  • CVE-2024-56568Dec 27, 2024
    affected < 6.4.0-150600.23.38.1fixed 6.4.0-150600.23.38.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs due to a race between smmu driver probe and client driver probe, when of_dma_configure() for client is called after

Page 108 of 209