VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6

Vulnerabilities (4,170)

  • CVE-2024-42283MedAug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (e

  • CVE-2024-42281MedAug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2].

  • CVE-2024-42276MedAug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference.

  • CVE-2024-42265MedAug 17, 2024
    affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1

    In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec

  • CVE-2024-42322Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression

  • CVE-2024-42320Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti

  • CVE-2024-42319Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel

  • CVE-2024-42318Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN

  • CVE-2024-42316Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level() evict_folios() uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since folio_rot

  • CVE-2024-42315Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all

  • CVE-2024-42314Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when adding pages to compressed bio At add_ra_bio_pages() we are accessing the extent map to calculate 'add_size' after we dropped our reference on the extent map, resulting

  • CVE-2024-42313Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part

  • CVE-2024-42311Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ==================================

  • CVE-2024-42310Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on

  • CVE-2024-42309Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref

  • CVE-2024-42307Aug 17, 2024
    affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume

  • CVE-2024-42303Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() devm_regmap_init_mmio() can fail, add a check and bail out in case of error.

  • CVE-2024-42301Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i

  • CVE-2024-42298Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.

  • CVE-2024-42295Aug 17, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block(), triggering a kernel bug. It is not appropriate to

Page 151 of 209