VYPR

rpm package

suse/kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP6

pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6

Vulnerabilities (4,170)

  • CVE-2024-26759Apr 3, 2024
    affected < 6.4.0-150600.23.25.1fixed 6.4.0-150600.23.25.1

    In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0)

  • CVE-2024-26758Apr 3, 2024
    affected < 6.4.0-150600.23.14.2fixed 6.4.0-150600.23.14.2

    In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might cause sync_thread can't

  • CVE-2024-26742Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs t

  • CVE-2024-26741Apr 3, 2024
    affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1

    In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). syzkaller reported a warning [0] in inet_csk_destroy_sock() with no repro. WARN_ON(inet_sk(sk)->inet_num && !inet_csk(sk)->ics

  • CVE-2024-26740Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testing VMs every 10 or so run

  • CVE-2024-26739Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcod

  • CVE-2024-26737Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel The following race is possible between bpf_timer_cancel_and_free and bpf_timer_cancel. It will lead a UAF on the timer->timer. bpf_timer_c

  • CVE-2024-26735Apr 3, 2024
    affected < 6.4.0-150600.23.22.1fixed 6.4.0-150600.23.22.1

    In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family.

  • CVE-2024-26734Apr 3, 2024
    affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1

    In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The pernet operations structure for the subsystem must be registered before registering the generic netlink family. Make an unregister in

  • CVE-2024-26733Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpr

  • CVE-2024-26731Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() syzbot reported the following NULL pointer dereference issue [1]: BUG: kernel NULL pointer dereference, address: 0000000000000000

  • CVE-2023-52641Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() It is preferable to exit through the out: label because internal debugging functions are located there.

  • CVE-2023-52640Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea.

  • CVE-2024-26726Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start

  • CVE-2024-26714Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of

  • CVE-2024-26708Apr 3, 2024
    affected < 6.4.0-150600.23.42.2fixed 6.4.0-150600.23.42.2

    In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change a

  • CVE-2024-26704Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocat

  • CVE-2024-26703Apr 3, 2024
    affected < 6.4.0-150600.23.30.1fixed 6.4.0-150600.23.30.1

    In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimer_init to timerlat_fd open() Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the use

  • CVE-2024-26692Apr 3, 2024
    affected < 6.4.0-150600.23.7.3fixed 6.4.0-150600.23.7.3

    In the Linux kernel, the following vulnerability has been resolved: smb: Fix regression in writes when non-standard maximum write size negotiated The conversion to netfs in the 6.3 kernel caused a regression when maximum write size is set by the server to an unexpected value wh

  • CVE-2024-26691Apr 3, 2024
    affected < 6.4.0-150600.23.17.1fixed 6.4.0-150600.23.17.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires the kvm->lock while alr

Page 205 of 209