rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-43883 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak | ||
| CVE-2024-43882 | Hig | 7.0 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer | |
| CVE-2024-43879 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel: | |
| CVE-2024-43871 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele | |
| CVE-2024-43881 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: change DMA direction while mapping reinjected packets For fragmented packets, ath12k reassembles each fragment as a normal packet and then reinjects it into HW ring. In this case, the DMA directio | ||
| CVE-2024-43880 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e | ||
| CVE-2024-43877 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: pci: ivtv: Add check for DMA map result In case DMA fails, 'dma->SG_length' is 0. This value is later used to access 'dma->SGarray[dma->SG_length - 1]', which will cause out of bounds access. Add check | ||
| CVE-2024-43876 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is | ||
| CVE-2024-43875 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we | ||
| CVE-2024-43874 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if the psp_device or the sev_d | ||
| CVE-2024-43873 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un | ||
| CVE-2024-43872 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han | ||
| CVE-2024-43870 | — | < 6.4.0-150600.23.25.1 | 6.4.0-150600.23.25.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback | ||
| CVE-2024-43869 | — | < 6.4.0-150600.23.53.1 | 6.4.0-150600.23.53.1 | Aug 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially | ||
| CVE-2024-43867 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in | ||
| CVE-2024-43866 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W | ||
| CVE-2024-43864 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix CT entry update leaks of modify header context The cited commit allocates a new modify header to replace the old one when updating CT entry. But if failed to allocate a new one, eg. exceed the ma | ||
| CVE-2024-43863 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait-> | ||
| CVE-2024-43861 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. | ||
| CVE-2024-43858 | Hig | 7.8 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree |
- CVE-2024-43883Aug 23, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel:
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele
- CVE-2024-43881Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: change DMA direction while mapping reinjected packets For fragmented packets, ath12k reassembles each fragment as a normal packet and then reinjects it into HW ring. In this case, the DMA directio
- CVE-2024-43880Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e
- CVE-2024-43877Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: media: pci: ivtv: Add check for DMA map result In case DMA fails, 'dma->SG_length' is 0. This value is later used to access 'dma->SGarray[dma->SG_length - 1]', which will cause out of bounds access. Add check
- CVE-2024-43876Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is
- CVE-2024-43875Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we
- CVE-2024-43874Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if the psp_device or the sev_d
- CVE-2024-43873Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un
- CVE-2024-43872Aug 21, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han
- CVE-2024-43870Aug 21, 2024affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback
- CVE-2024-43869Aug 21, 2024affected < 6.4.0-150600.23.53.1fixed 6.4.0-150600.23.53.1
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially
- CVE-2024-43867Aug 20, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in
- CVE-2024-43866Aug 20, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W
- CVE-2024-43864Aug 20, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix CT entry update leaks of modify header context The cited commit allocates a new modify header to replace the old one when updating CT entry. But if failed to allocate a new one, eg. exceed the ma
- CVE-2024-43863Aug 20, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait->
- CVE-2024-43861Aug 20, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree
Page 148 of 209