rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50235 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network | ||
| CVE-2024-50234 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts ar | ||
| CVE-2024-50233 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_ca | ||
| CVE-2024-50232 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is call | ||
| CVE-2024-50231 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kun | ||
| CVE-2024-50230 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which | ||
| CVE-2024-50229 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circula | ||
| CVE-2024-50225 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's | ||
| CVE-2024-50224 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULL pointer to gpiod_direction_output(), preventing a crash when GPIO chip se | ||
| CVE-2024-50223 | — | < 6.4.0-150600.23.53.1 | 6.4.0-150600.23.53.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null pointer dereference error in task_numa_work(). Here is the backtrace: [323676.0 | ||
| CVE-2024-50221 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). | ||
| CVE-2024-50218 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline | ||
| CVE-2024-50216 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args->pag as | ||
| CVE-2024-50215 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error pat | ||
| CVE-2024-50210 | Med | 5.5 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the | |
| CVE-2024-50205 | Med | 5.5 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check be | |
| CVE-2024-50188 | Med | 5.5 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10). | |
| CVE-2024-50211 | — | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out ea | ||
| CVE-2024-50209 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances. | ||
| CVE-2024-50208 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (co |
- CVE-2024-50235Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network
- CVE-2024-50234Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts ar
- CVE-2024-50233Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_ca
- CVE-2024-50232Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is call
- CVE-2024-50231Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kun
- CVE-2024-50230Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which
- CVE-2024-50229Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circula
- CVE-2024-50225Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's
- CVE-2024-50224Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULL pointer to gpiod_direction_output(), preventing a crash when GPIO chip se
- CVE-2024-50223Nov 9, 2024affected < 6.4.0-150600.23.53.1fixed 6.4.0-150600.23.53.1
In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null pointer dereference error in task_numa_work(). Here is the backtrace: [323676.0
- CVE-2024-50221Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics().
- CVE-2024-50218Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline
- CVE-2024-50216Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args->pag as
- CVE-2024-50215Nov 9, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error pat
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check be
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10).
- CVE-2024-50211Nov 8, 2024affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out ea
- CVE-2024-50209Nov 8, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances.
- CVE-2024-50208Nov 8, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (co
Page 119 of 209