rpm package
suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6
Vulnerabilities (4,170)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-42283 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (e | |
| CVE-2024-42281 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2]. | |
| CVE-2024-42276 | Med | 5.5 | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference. | |
| CVE-2024-42265 | Med | 5.5 | < 6.4.0-150600.23.25.1 | 6.4.0-150600.23.25.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec | |
| CVE-2024-42322 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression | ||
| CVE-2024-42320 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti | ||
| CVE-2024-42319 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel | ||
| CVE-2024-42318 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN | ||
| CVE-2024-42316 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level() evict_folios() uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since folio_rot | ||
| CVE-2024-42315 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all | ||
| CVE-2024-42314 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when adding pages to compressed bio At add_ra_bio_pages() we are accessing the extent map to calculate 'add_size' after we dropped our reference on the extent map, resulting | ||
| CVE-2024-42313 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part | ||
| CVE-2024-42311 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ================================== | ||
| CVE-2024-42310 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on | ||
| CVE-2024-42309 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref | ||
| CVE-2024-42307 | — | < 6.4.0-150600.23.47.2 | 6.4.0-150600.23.47.2 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume | ||
| CVE-2024-42303 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() devm_regmap_init_mmio() can fail, add a check and bail out in case of error. | ||
| CVE-2024-42301 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i | ||
| CVE-2024-42298 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. | ||
| CVE-2024-42295 | — | < 6.4.0-150600.23.22.1 | 6.4.0-150600.23.22.1 | Aug 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block(), triggering a kernel bug. It is not appropriate to |
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (e
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2].
- affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference.
- affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being spec
- CVE-2024-42322Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression
- CVE-2024-42320Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocation fails. However, two callsites in dasd_copy_pair_store() do not check the result, potenti
- CVE-2024-42319Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with condition pm_runtime_get_sync() < 0 occurs. According to the call tracei bel
- CVE-2024-42318Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PAREN
- CVE-2024-42316Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level() evict_folios() uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since folio_rot
- CVE-2024-42315Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set When accessing a file with more entries than ES_MAX_ENTRY_NUM, the bh-array is allocated in __exfat_get_entry_set. The problem is that the bh-array is all
- CVE-2024-42314Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when adding pages to compressed bio At add_ra_bio_pages() we are accessing the extent map to calculate 'add_size' after we dropped our reference on the extent map, resulting
- CVE-2024-42313Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part
- CVE-2024-42311Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below: loop0: detected capacity change from 0 to 64 ==================================
- CVE-2024-42310Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on
- CVE-2024-42309Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer deref
- CVE-2024-42307Aug 17, 2024affected < 6.4.0-150600.23.47.2fixed 6.4.0-150600.23.47.2
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assume
- CVE-2024-42303Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() devm_regmap_init_mmio() can fail, add a check and bail out in case of error.
- CVE-2024-42301Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below i
- CVE-2024-42298Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.
- CVE-2024-42295Aug 17, 2024affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block(), triggering a kernel bug. It is not appropriate to
Page 151 of 209