rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50154 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc | ||
| CVE-2024-50152 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(ea); | ^~~~~ | ||
| CVE-2024-50147 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. In additio | ||
| CVE-2024-50146 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not c | ||
| CVE-2024-50145 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocation failure so handle it inside __octep_oq_process_rx() to avoid NULL pointer deref | ||
| CVE-2024-50143 | — | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch repro | ||
| CVE-2024-50141 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is f | ||
| CVE-2024-50140 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function c | ||
| CVE-2024-50139 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 7, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_regs.c:1988:14 shift expon | ||
| CVE-2024-50134 | Med | 5.5 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write | |
| CVE-2024-50131 | Hig | 7.8 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no | |
| CVE-2024-50127 | Hig | 7.8 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre | |
| CVE-2024-50121 | Hig | 7.8 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net In the normal case, when we excute `echo 0 > /proc/fs/nfsd/threads`, the function `nfs4_state_destroy_net` in `nfs4_state_shutdown_net` | |
| CVE-2024-50095 | Med | 5.5 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. | |
| CVE-2024-50138 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Use raw_spinlock_t in ringbuf The function __bpf_ringbuf_reserve is invoked from a tracepoint, which disables preemption. Using spinlock_t in this context can lead to a "sleep in atomic" warning in the RT | ||
| CVE-2024-50136 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enabling might trigger warnings of the sort: [ 682.589148] ------------[ cut here ]--- | ||
| CVE-2024-50135 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we cou | ||
| CVE-2024-50130 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bpf_nf_link_release+0xda/0x | ||
| CVE-2024-50128 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as | ||
| CVE-2024-50126 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6 |
- CVE-2024-50154Nov 7, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tc
- CVE-2024-50152Nov 7, 2024affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(ea); | ^~~~~
- CVE-2024-50147Nov 7, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. In additio
- CVE-2024-50146Nov 7, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not c
- CVE-2024-50145Nov 7, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocation failure so handle it inside __octep_oq_process_rx() to avoid NULL pointer deref
- CVE-2024-50143Nov 7, 2024affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch repro
- CVE-2024-50141Nov 7, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is f
- CVE-2024-50140Nov 7, 2024affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function c
- CVE-2024-50139Nov 7, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_regs.c:1988:14 shift expon
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->curre
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net In the normal case, when we excute `echo 0 > /proc/fs/nfsd/threads`, the function `nfs4_state_destroy_net` in `nfs4_state_shutdown_net`
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no.
- CVE-2024-50138Nov 5, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Use raw_spinlock_t in ringbuf The function __bpf_ringbuf_reserve is invoked from a tracepoint, which disables preemption. Using spinlock_t in this context can lead to a "sleep in atomic" warning in the RT
- CVE-2024-50136Nov 5, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enabling might trigger warnings of the sort: [ 682.589148] ------------[ cut here ]---
- CVE-2024-50135Nov 5, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we cou
- CVE-2024-50130Nov 5, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bpf_nf_link_release+0xda/0x
- CVE-2024-50128Nov 5, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as
- CVE-2024-50126Nov 5, 2024affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm6
Page 122 of 209