VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6

Vulnerabilities (4,170)

  • CVE-2024-43883Aug 23, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver carries stale pointers to references that can still be used. Make sure that does not happen. This strictly speak

  • CVE-2024-43882HigAug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer

  • CVE-2024-43879MedAug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to below warning: kernel:

  • CVE-2024-43871MedAug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_rele

  • CVE-2024-43881Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: change DMA direction while mapping reinjected packets For fragmented packets, ath12k reassembles each fragment as a normal packet and then reinjects it into HW ring. In this case, the DMA directio

  • CVE-2024-43880Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_erp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM (A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can contain more ACLs (i.e

  • CVE-2024-43877Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: media: pci: ivtv: Add check for DMA map result In case DMA fails, 'dma->SG_length' is 0. This value is later used to access 'dma->SGarray[dma->SG_length - 1]', which will cause out of bounds access. Add check

  • CVE-2024-43876Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is

  • CVE-2024-43875Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Clean up error handling in vpci_scan_bus() Smatch complains about inconsistent NULL checking in vpci_scan_bus(): drivers/pci/endpoint/functions/pci-epf-vntb.c:1024 vpci_scan_bus() error: we

  • CVE-2024-43874Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked Fix a null pointer dereference induced by DEBUG_TEST_DRIVER_REMOVE. Return from __sev_snp_shutdown_locked() if the psp_device or the sev_d

  • CVE-2024-43873Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: 1. seqpacket_allow is not initialized when socket is created. Thus if features are never set, it will be read un

  • CVE-2024-43872Aug 21, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Han

  • CVE-2024-43870Aug 21, 2024
    affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1

    In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback

  • CVE-2024-43869Aug 21, 2024
    affected < 6.4.0-150600.23.53.1fixed 6.4.0-150600.23.53.1

    In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially

  • CVE-2024-43867Aug 20, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in

  • CVE-2024-43866Aug 20, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health W

  • CVE-2024-43864Aug 20, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix CT entry update leaks of modify header context The cited commit allocates a new modify header to replace the old one when updating CT entry. But if failed to allocate a new one, eg. exceed the ma

  • CVE-2024-43863Aug 20, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait->

  • CVE-2024-43861Aug 20, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive.

  • CVE-2024-43858HigAug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree

Page 148 of 209