rpm package
suse/kernel-default&distro=SUSE Linux Enterprise Live Patching 12 SP5
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
Vulnerabilities (3,305)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27043 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio | ||
| CVE-2023-52650 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid NULL pointer dereference. | ||
| CVE-2024-27020 | Hig | 7.0 | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li | |
| CVE-2024-27013 | Med | 5.5 | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe | |
| CVE-2024-26993 | Med | 5.5 | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn | |
| CVE-2024-26982 | Hig | 7.1 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in | |
| CVE-2024-26974 | Hig | 7.0 | < 4.12.14-122.269.1 | 4.12.14-122.269.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER system's error recovery process, the kernel driver may encounter a race condition with freeing the reset_data structure's memory. If t | |
| CVE-2024-26973 | Med | 5.5 | < 4.12.14-122.222.1 | 4.12.14-122.222.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must | |
| CVE-2024-26958 | Hig | 7.8 | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at | |
| CVE-2024-26935 | Med | 5.5 | < 4.12.14-122.293.1 | 4.12.14-122.293.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a | |
| CVE-2024-26934 | Hig | 7.8 | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device l | |
| CVE-2024-27019 | — | < 4.12.14-122.225.1 | 4.12.14-122.225.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in _ | ||
| CVE-2024-27014 | — | < 4.12.14-122.216.1 | 4.12.14-122.216.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if | ||
| CVE-2024-27011 | — | < 4.12.14-122.228.1 | 4.12.14-122.228.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor | ||
| CVE-2024-27010 | — | < 4.12.14-122.261.1 | 4.12.14-122.261.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [..... | ||
| CVE-2024-27008 | — | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) | ||
| CVE-2024-26996 | — | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t | ||
| CVE-2024-26984 | — | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad | ||
| CVE-2024-26976 | — | < 4.12.14-122.244.1 | 4.12.14-122.244.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed | ||
| CVE-2024-26957 | — | < 4.12.14-122.219.1 | 4.12.14-122.219.1 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcrypt_card. The |
- CVE-2024-27043May 1, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio
- CVE-2023-52650May 1, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid NULL pointer dereference.
- affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li
- affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe
- affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in
- affected < 4.12.14-122.269.1fixed 4.12.14-122.269.1
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER system's error recovery process, the kernel driver may encounter a race condition with freeing the reset_data structure's memory. If t
- affected < 4.12.14-122.222.1fixed 4.12.14-122.222.1
In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must
- affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at
- affected < 4.12.14-122.293.1fixed 4.12.14-122.293.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a
- affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device l
- CVE-2024-27019May 1, 2024affected < 4.12.14-122.225.1fixed 4.12.14-122.225.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in _
- CVE-2024-27014May 1, 2024affected < 4.12.14-122.216.1fixed 4.12.14-122.216.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if
- CVE-2024-27011May 1, 2024affected < 4.12.14-122.228.1fixed 4.12.14-122.228.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abor
- CVE-2024-27010May 1, 2024affected < 4.12.14-122.261.1fixed 4.12.14-122.261.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [.....
- CVE-2024-27008May 1, 2024affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or)
- CVE-2024-26996May 1, 2024affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, eth_stop() is called. At this piont, accidentally if usb t
- CVE-2024-26984May 1, 2024affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, ad
- CVE-2024-26976May 1, 2024affected < 4.12.14-122.244.1fixed 4.12.14-122.244.1
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed
- CVE-2024-26957May 1, 2024affected < 4.12.14-122.219.1fixed 4.12.14-122.219.1
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcrypt_card. The
Page 120 of 166