VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6

Vulnerabilities (4,170)

  • CVE-2024-27017May 1, 2024
    affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view

  • CVE-2024-27016May 1, 2024
    affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access p

  • CVE-2024-27015May 1, 2024
    affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mism

  • CVE-2024-27014May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if

  • CVE-2024-27012May 1, 2024
    affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort path, nft_mapelem_activate() needs to restore refcounters to the original state. Currently, it uses the set->ops->walk() to iterate ov

  • CVE-2024-27011May 1, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor

  • CVE-2024-27010May 1, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [.....

  • CVE-2024-27008May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or)

  • CVE-2024-27003May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clk_summary Similar to the previous commit, we should make sure that all devices are runtime resumed before printing the clk_summary through debugfs. Failure to do so

  • CVE-2024-27002May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack: CPU0: genpd_loc

  • CVE-2024-27001May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some things can fall through the cracks. Depending on the hardware model, URBs can have either bulk or in

  • CVE-2024-27000May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the B

  • CVE-2024-26999May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're

  • CVE-2024-26997May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow.

  • CVE-2024-26996May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t

  • CVE-2024-26995May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Correct the PDO counting in pd_set Off-by-one errors happen because nr_snk_pdo and nr_src_pdo are incorrectly added one. The index of the loop is equal to the number of PDOs to be updated when

  • CVE-2024-26994May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word (> 256 characters), we have to stop before the length of the word buffer.

  • CVE-2024-26992May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architecturally broken without an obvious/easy path forward, and because exposing adaptive

  • CVE-2024-26991May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes Fix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger KASAN splat, as seen in the private_mem_conversions_test selftest

  • CVE-2024-26990May 1, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status Check kvm_mmu_page_ad_need_write_protect() when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU

Page 199 of 209