rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-50039 | Med | 5.5 | < 6.4.0-150600.23.33.1 | 6.4.0-150600.23.33.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. Unfortunately syzbot c | |
| CVE-2024-50035 | Hig | 7.1 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is called with a zero size. Then ppp_async_encode() is called with an empty skb. BUG | |
| CVE-2024-50033 | Hig | 7.1 | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against malicious packets [1]. slhc_remember() only checked the size of the packet was at l | |
| CVE-2024-50064 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams, otherwise we leak memory. [senozhatsky@chromium.org: kfree(NULL) is legal] | ||
| CVE-2024-50063 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If pro | ||
| CVE-2024-50062 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all its connections, the information | ||
| CVE-2024-50061 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition In the cdns_i3c_master_probe function, &master->hj_work is bound with cdns_i3c_master_hj. And cdns_i3c_master_ | ||
| CVE-2024-50060 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be empty. And if an application does overflow a bit, it'll have a few entries. However, | ||
| CVE-2024-50059 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition In the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev function, then &sndev->check_link_st | ||
| CVE-2024-50056 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/functio | ||
| CVE-2024-50055 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the | ||
| CVE-2024-50049 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fix | ||
| CVE-2024-50048 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection t | ||
| CVE-2024-50047 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt | ||
| CVE-2024-50042 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 > /sys/bus/pci/devices/$PF | ||
| CVE-2024-50041 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple | ||
| CVE-2024-50038 | — | < 6.4.0-150600.23.50.1 | 6.4.0-150600.23.50.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_tab | ||
| CVE-2024-50036 | — | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: do not delay dst_entries_add() in dst_release() dst_entries_add() uses per-cpu data that might be freed at netns dismantle from ip6_route_net_exit() calling dst_entries_destroy() Before ip6_route_net_exit | ||
| CVE-2024-50031 | — | < 6.4.0-150600.23.30.1 | 6.4.0-150600.23.30.1 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to ha | ||
| CVE-2024-50029 | — | < 6.4.0-150600.23.42.2 | 6.4.0-150600.23.42.2 | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed while hci_enhanced_setup_sync is pending on cmd_sync leading to the following tra |
- affected < 6.4.0-150600.23.33.1fixed 6.4.0-150600.23.33.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. Unfortunately syzbot c
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is called with a zero size. Then ppp_async_encode() is called with an empty skb. BUG
- affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against malicious packets [1]. slhc_remember() only checked the size of the packet was at l
- CVE-2024-50064Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams, otherwise we leak memory. [senozhatsky@chromium.org: kfree(NULL) is legal]
- CVE-2024-50063Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If pro
- CVE-2024-50062Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all its connections, the information
- CVE-2024-50061Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition In the cdns_i3c_master_probe function, &master->hj_work is bound with cdns_i3c_master_hj. And cdns_i3c_master_
- CVE-2024-50060Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be empty. And if an application does overflow a bit, it'll have a few entries. However,
- CVE-2024-50059Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition In the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev function, then &sndev->check_link_st
- CVE-2024-50056Oct 21, 2024affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/functio
- CVE-2024-50055Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the
- CVE-2024-50049Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fix
- CVE-2024-50048Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection t
- CVE-2024-50047Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt
- CVE-2024-50042Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 > /sys/bus/pci/devices/$PF
- CVE-2024-50041Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple
- CVE-2024-50038Oct 21, 2024affected < 6.4.0-150600.23.50.1fixed 6.4.0-150600.23.50.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_tab
- CVE-2024-50036Oct 21, 2024affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: net: do not delay dst_entries_add() in dst_release() dst_entries_add() uses per-cpu data that might be freed at netns dismantle from ip6_route_net_exit() calling dst_entries_destroy() Before ip6_route_net_exit
- CVE-2024-50031Oct 21, 2024affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to ha
- CVE-2024-50029Oct 21, 2024affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed while hci_enhanced_setup_sync is pending on cmd_sync leading to the following tra
Page 125 of 209