suse/kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

Vulnerabilities (2,318)

• CVE-2024-53125Dec 4, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set:

• CVE-2024-53124MedDec 2, 2024
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules

• CVE-2024-53122Dec 2, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing rec

• CVE-2024-53121Dec 2, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and

• CVE-2024-53120Dec 2, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callback returns error, zone_rule->attr is used uninitiated. Fix it to use attr which h

• CVE-2024-53119Dec 2, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the accept_queue has been flushed, bu

• CVE-2024-53114Dec 2, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a rando

• CVE-2024-53113Dec 2, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When c

• CVE-2024-53112Dec 2, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_tra

• CVE-2024-53104KEVDec 2, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

• CVE-2024-53103Dec 2, 2024
  affected < 5.14.21-150500.55.94.1fixed 5.14.21-150500.55.94.1

  In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This i

• CVE-2024-53101MedNov 25, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initiali

• CVE-2024-8805Nov 22, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific

• CVE-2024-53095Nov 21, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS s

• CVE-2024-53093Nov 21, 2024
  affected < 5.14.21-150500.55.121.2fixed 5.14.21-150500.55.121.2

  In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes availa

• CVE-2024-53090Nov 21, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in

• CVE-2024-53057HigNov 19, 2024
  affected < 5.14.21-150500.55.116.1fixed 5.14.21-150500.55.116.1

  In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create

• CVE-2024-53072Nov 19, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in the following messages in the kernel ring buffer: amd_pmc AMDI0009:00: SMU

• CVE-2024-53064Nov 19, 2024
  affected < 5.14.21-150500.55.91.1fixed 5.14.21-150500.55.91.1

  In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to comp

• CVE-2024-53063Nov 19, 2024
  affected < 5.14.21-150500.55.100.1fixed 5.14.21-150500.55.100.1

  In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_